Linux 4 - Permissions

Показать описание

Lesson 4 delves into file and directory permissions and the 9 RWX bits associated with each.

So here’s a scenario; your root admin has created you as a new user on the system at a company you work for. You have created some important files related to your business on the system, and it’s paramount that these files aren’t tampered with. But someone from another department needs to read the files for verification. Ideally we want them to read the file, but not modify anything. Or how about you’re a web developer, and you have a directory of file scripts you want to share with your team, but no-one else.

By setting file or directory permissions, we can determine what user’s can read, write or even execute. With linux, we can set permissions to do just that. The nine bits assigned to each file or directory define the access that you and the others have. The first 3 bits apply to the owner’s permission. The next three apply to the group assigned and the last 3 apply to all others.

The R stands for read, with a file this means you can view the contents of the file and with a directory, you can see what files and subdirectories it contains.
The W stands for write, meaning a file’s contents can be changed, the file can be renamed or even deleted. If it’s a directory, it means you can add, change or delete files or subdirectories in that directory.
The X stands for Execute. With a file it will be treated as a program and run. With a directory, you can change to it, search or execute a program from that directory.

If a dash appears instead of the letter, it means the permission is turned off for that associated read, write, or execute bit. At any time you can identify the permissions for any file or directories in your present working directory by typing: LS -LD We can see the 9 bit permissions associated with each. In most cases, unless you are the root admin, your ability to alter permissions will be limited. If you own a file, you can use the CHMOD command to alter the permissions as you wish.

The CHMOD command can change permissions with either numbers or letters. In our example we will be using numbers. With numbers, each permission is assigned a number, and you use each set’s total number to establish the permission.

For example, you have written a bash script, and you only want you and your team to be able to execute it. You could apply permissions to it by typing:
CHMOD 750 (followed by the filename). This gives you; the owner, full permissions and your group the ability to read and execute, but not write. All others are entirely prohibited. Permissions can also be applied to a directory recursively, meaning that it will apply the permission to all files and subdirectories contained in that directory. Thank you for watching and don’t forget to subscribe to the SMKS Channel. In the next lesson we will look into Ownership.

References: Linux Bible 8th Bible

Рекомендации по теме

Комментарии

Are you continuing this series? Why not? The only truly relatable YouTube video I have stumbled across so

leoncarr

Comprehendible, concise, vivid - thank you!

yking

These videos are great. You make everything really easy to understand.

nefarious

Thank you so much! now I know what it means by read write and execute of the 9 bits of the directory

Ashvinv

Still valuable info 8 years later. Thank you!

coherencygaming

Briefly, succinctly and crystal clear!

Perciwell

Great videos. But you shuld have mentioned that one should (mostly) never give write permissions to others, and probably not to group either. So anything but 0, 1, 4 or 5 in last and mid digit in permisions sould be avoided. It's easier to manipulate the permssions with the logical names instead of the octal digits, to avoid these errors. I have seen to many 777 to think it is comfortable to teach octal numbers. That is, I think, a shortcut to same problems as MS Windows had/have.

And you forgot to mention the /srv directory (map), that is for server datafiles. It is easier to backup datafiles for web servers if they are placed there instead of in a directory under/var. I read /var as "things varing in size" like log files and standard server data files, and /srv as "server" for puting data that is coning to continuos work, configured and fixed. It is not wrong to set default packed to /var, but when one configure for use, one should move data directory to a directory under /srv. One should use directories like /srv/www/virtualserver.com/ for each virtual server in apache2, that is in a subdirectory of /srv/www of it's own.

andjack