Lab 12: Permissions
Objective Focus
- Understand and use essential tools
- List, set, and change standard ugo/rwx permissions
Official RHCSA EX200 Exam Objectives
List Permissions in Linux
Permissions manage what a user can do with a file and/or directory.
| Files | Directory | |
|---|---|---|
| Read | Viewing and copying | List items inside aka ls |
| Write | Modify | create, delete, rename files and subdirs |
| Execution | Running | Change into directory aka cd |
We can use ls and stat to show us the permissions on a file or directory.
$ ls -l $ stat file or directorySet and Change Permissions
We can modify the permissions using symbolic representation or octal representation.
Symbolic
Symbolic refers to letter combinations ugo with rwx and symbols, +-=. Multiple symbolic modes can be given, separated by commas.
| User Categories | Permission Types |
|---|---|
| u: user | (r) read |
| g: groups | (w) write |
| o: other or public | (x) execute |
| a: all |
$ chmod ug+rw testfile.txt - example, adding read and write from users and groups to text file using symbolic combinations.
$ chmod ug-rw testfile.txt - example, removing read and write users and groups to text file using symbolic combinations.
Octal
| Octal | Bit | Value |
|---|---|---|
| Read | r - - | 4 |
| Write | - w - | 2 |
| Execution | - - x | 1 |
$ chmod 660 testfile.txt Using chmod
More Symbolic Examples
$ chmod -v u+x testfile.txt - Adding execute to user class
$ chmod -v +rwx testfile.txt - Adding read, write, and execute to all classes
$ chmod -v u=rw,g-x,o-rw testfile.txt - Setting read and write to user, removing execute from group, removing read and write from other
More Octal Examples
$ chmod -v 777 testfile.txt - Adding read, write, execute to all classes
$ chmod -v 600 testfile.txt - Setting read and write only on user and removing all permissions from group and others
$ chmod -v 441 testfile.txt - Setting read only to user and group then execute only on others.
Understanding Default Permissions
When a file or directory is created the default permissions applied are calculated by using the umask
- umask - User Mask
The purpose of umask is to set the default permissions on newly created files and directories.
Initial permission values are 666 (rw-rw-rw-) for files
Initial permission values are 777 for directories.
$ man 2 umask $ umask - Shows umask in octal form
- The left most 0 does not have any meaning or weight.
$ umask -S - Shows umask in symbolic form
Set new default permissions by using the umask command
$ umask 020 A note about chmod
chmod never changes the permissions of symbolic links; the chmod system call cannot change their permissions. This is not a problem since the permissions of symbolic links are never used. However, for each symbolic link listed on the command line, chmod changes the permissions of the pointed-to file. In contrast, chmod ignores symbolic links encountered during recursive directory traversals. From the man page
That’s all for lab 12!