Linux System Administration for Beginners
Essential Commands
List set and change standard file permissions
Managing file permissions is a core skill for any Linux administrator or user. In this guide, you’ll learn how to view ownership, adjust user and group assignments, interpret permission bits, and modify permissions using both symbolic and octal notation.
Table of Contents
- Understanding Ownership
- Viewing Owner, Group, and Permissions
- Changing Owner and Group
- File Types and Permission Bits
- Permission Evaluation Order
- Modifying Permissions with chmod
- Using Octal Notation with chmod
- Resources & References
Understanding Ownership
Every file or directory on Linux has:
- User owner (UID)
- Group owner (GID)
Only the file’s owner or root
can change its permissions or ownership.
Viewing Owner, Group, and Permissions
Run ls -l
to display permissions, owner, group, size, and timestamp:
$ ls -l
-rw-r----- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
-rw-r-----
: File type and permission bitsaaron
: User ownerfamily
: Group owner
Changing Owner and Group
Change Group: chgrp
$ chgrp wheel family_dog.jpg
Example:
$ ls -l
-rw-r----- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
$ chgrp wheel family_dog.jpg
$ ls -l
-rw-r----- 1 aaron wheel 49 Oct 27 14:41 family_dog.jpg
Note
You can only switch to groups you belong to. Use groups
to list them:
$ groups
aaron wheel family
Change Owner: chown
Only root
(or via sudo
) can change the user owner:
$ sudo chown jane family_dog.jpg
Example:
$ ls -l
-rw-r----- 1 aaron wheel 49 Oct 27 14:41 family_dog.jpg
$ sudo chown jane family_dog.jpg
$ ls -l
-rw-r----- 1 jane wheel 49 Oct 27 14:41 family_dog.jpg
You can change both user and group:
$ sudo chown aaron:family family_dog.jpg
$ ls -l
-rw-r----- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
File Types and Permission Bits
The first character in ls -l
indicates the file type:
Symbol | Type |
---|---|
- | Regular file |
d | Directory |
l | Symbolic link |
Permission bits follow in three sets (owner, group, others):
Bit | Value | Meaning |
---|---|---|
r | 4 | Read |
w | 2 | Write |
x | 1 | Execute (or enter dir) |
[!note] For directories:
r
: list contentsw
: create/delete filesx
: change into the directory
Permission Evaluation Order
Linux checks permissions in this order:
- Owner
- Group
- Others
Consider a file owned by aaron:family
with permissions -r--rw----
:
$ ls -l
-r--rw---- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
- As aaron: owner bits (
r--
) apply → no write$ echo "Update" >> family_dog.jpg bash: family_dog.jpg: Permission denied
- As jane (in
family
): owner bits skipped, group bits (rw-
) apply → can write$ su jane $ echo "Add this content" >> family_dog.jpg $ cat family_dog.jpg Picture of Milo the dog
- Else: “others” bits determine access.
Modifying Permissions with chmod
General syntax:
chmod [who][+|-|=][perms] file
- who:
u
(owner),g
(group),o
(others),a
(all) - +: add permissions
- -: remove permissions
- =: set exact permissions
Adding Permissions
Grant write to owner:
$ ls -l
-r--rw---- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
$ chmod u+w family_dog.jpg
$ ls -l
-rw-rw---- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
Removing Permissions
Use -
to revoke bits. Common patterns:
Note
u-w
: remove owner writeg-rw
: remove group read/writeo-rwx
: remove all for others
Remove read for others:
$ ls -l
-r--rw-r-- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
$ chmod o-r family_dog.jpg
$ ls -l
-r--rw---- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
Setting Exact Permissions
Overwrite existing bits with =
:
$ ls -l
-rw-rw---- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
$ chmod g=r family_dog.jpg
$ ls -l
-rw-r----- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
$ chmod g=rw family_dog.jpg
$ ls -l
-rw-rw---- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
$ chmod g= family_dog.jpg
$ ls -l
-rw------- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
$ chmod g=rwx family_dog.jpg
$ ls -l
-rw-rwx--- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
Combining Multiple Changes
Separate specs with commas:
$ ls -l
-rw-rwxr-x 1 aaron family 49 Oct 27 14:41 family_dog.jpg
# Owner: add read/write, Group: set to read-only, Others: remove all
$ chmod u+rw,g=r,o= family_dog.jpg
$ ls -l
-rw-r----- 1 aaron family 49 Oct 27 14:41 family_dog.jpg
Using Octal Notation with chmod
Octal mode is a compact way to set permissions. First, inspect with stat
:
$ stat family_dog.jpg
File: family_dog.jpg
Size: 49 Blocks: 8 IO Block: 4096 regular file
Device: fd00h/64768d Inode: 52946177 Links: 1
Access: (0640/-rw-r-----) Uid: ( 1000/aaron) Gid: ( 10/wheel)
[!note] Each octal digit = read (4) + write (2) + execute (1).
For0640
:
- Owner
6
=rw-
- Group
4
=r--
- Others
0
=---
Set 0640
directly:
$ chmod 640 family_dog.jpg
Resources & References
Watch Video
Watch video content