



Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
The concept of file permissions in linux operating systems, focusing on the owner, group, and other classes of users. It covers the meaning of read (r), write (w), and execute (x) permissions for files and directories, and demonstrates how to change file permissions using the chmod command in symbolic and octal notation.
Typology: Exercises
1 / 5
This page cannot be seen from the preview
Don't miss anything!




Figure 1: Permissions
You have already seen that using ls -l you can get a ‘long listing’ of the files in the current directory. You home directory should currently contain at least the file myTimetable.txt and the directory Admin. The directory Admin should contain a file myBooks.txt. Executing the commands
ls -l ls -l Admin
should result in output resembling that shown in Figure 1 (remember: ‘l’ is the letter `, not the number ‘ 1 ’). As you can see the output of ls -l consists of several columns with the right-most column obviously containing the names of files and directories. The third column from the left, the one containing ullrich in Figure 1, indicates the owner. For your own files, the corresponding column should show your used id. The fourth column from the left, the one containing csc in Figure 1, indicates the group. Again, the group shown for your files will be different. The left-most column, a rather cryptic looking string of characters and dashes, shows the permissions (alternatively called acccess rights) for each of the files and directories. All modern operating systems use access control lists to control who can do what with a particular file system object. To this end, each file system object is associated with such an access control list that contains access control entries each of which gives an individual user or group the right to perform an operation such as reading, writing, or executing the file system object. Linux, like any traditional UNIX operating system, recognises three classes of users with respect to operations on files: owner, group, and other. Operations are categorised as read (r), write (w), and execute (x). Finally, the file system distinguishes, amongst others, between files and directories. Having read (r), write (w), and execute (x) permission takes slightly different meaning for files and directories:
Permission For a file For a directory read (r) allowed to view file contents allowed to view directory contents write (w) allowed to write to file allowed to remove or add new files to directory execute (x) allowed to execute file allowed to access files in the directory
Some clarification is in order regarding permissions for directories:
So, what does the information shown in Figure 1, and repeated below, tell us about permissions for the files and directories involved?
drwx--x--x. Admin -rw-r--r--. myTimetable.txt -rwx------. myBooks.txt
To change the permissions for file system objects you use the chmod command. In is simplest form, chmod takes two arguments:
2
will create a new file called newFile.txt in the directory Admin. Execute this command and use
ls -l Admin
to see what the permissions for newFile.txt are (see Figure 4).
Figure 4: chmod (3)
As you can see, the file is readable and writable by the owner, i.e. yourself, but by nobody else. If you were to create a new file under Windows, then by default the executable permission would also be set for the owner of the file. Give it a try. So far we haven’t seen an example of an executable file. Let us create one.
Figure 5: Shell script
Using your favourite editor, e.g. gedit, create a new file in your home directory, called myFirstShellScript, with the following content (also see Figure 5):
#!/bin/sh
echo "Hello World!"
Here, the first line indicates what interpreter should be used to execute the rest of the file, namely, the file /bin/sh, the system’s default shell. That will be the GNU Bourne-Again SHell or bash for short. Check with ls -l what the permissions are for myFirstShellScript once you have saved it. Not surprisingly, it is readable and writable by the owner, but nothing else. Try to execute the file by using the command
./myFirstShellScript
in the same directory where this file is stored. You should get an error message telling you that you do not have permission to execute the file. This is correct as so far nobody has execute permission for this file.
Figure 6: Executing files
Let us change that using the command
chmod u+x myFirstShellScript
Then try to execute myFirstShellScript again. This time you will succeed and the script will produce the output
Hello World!
See Figure 6. Now that you know how to change the permissions of a file sys- tem object, you can check whether what has been said on page 1 about permissions for directories is true. Do the following:
chmod u=w Admin touch Admin/testFile
The system should deny you the permission to create testFile.
chmod u+x Admin touch Admin/testFile
This time creating the file testFile should succeed.
chmod also allows to change permissions using a numeric notation. For example
chmod 640 myTimetable.txt
will give the owner of myTimetable.txt read and write permission, the group read permission, and others no permissions. In numeric notation, permissions are given by three digits: The first digit is for owner/user permissions, the second digit for group permissions, and the third digit for the permissions of others. Each digit is the sum of one or more of the following values:
4 set read permission 2 set write permission 1 set execute permission
In our example above, the first digit was 6 , the sum of 4 and 2. Thus, we were instructing chmod to set read and write permission for the owner. The second digit was 4 , so the group was given read permission. Finally, the third digit was 0 , meaning other users have no permissions with respect to the file. Execute the command chmod 640 myTimetable.txt and check whether the permissions change as described above. Then, using numeric notation for permissions, set the permissions for the file myTimetable.txt back to ‘rw-------’.