
# Files, File Ownership and File Permissions

Linux (Unix) hierarchical file system and file permissions explained

The most basic definition of a file in Linux is that it is a named collection of data which appears to the user as a contiguous block of information.

Everything in Linux is either a file or a process (i.e. a running program). Files do not just include text files, image files and compiled binary files of programs. A directory is a special type of file, disk partitions are files and hardware device drivers are files. That said, as a Linux user, you will mostly be dealing with text files, image files and compiled binary files.

Each file has an individual owner (most often the user who created it) and a wider set of owners belonging to a particular Unix group. A Unix group is a set of users who have permission to access particular software or particular files. As an example, in large organisations, groups may be set up so only members of particular teams can access particular files and directories. Groups are also used to ensure that only certain users can use commands which may affect the full Linux system. To see which groups you are in, run the command groups. Each user has a primary group. This will be listed first in the output of groups. By default, any files or directories created by this user will be group owned by this primary group.

When explaining file permissions, it’s perhaps best to look at things in the context of the output of the command ls -l (the long form output of ls):

drwxrwxr-x 9 mary user 4096 14 Feb 2019 variant_calling
-rwxr-xr-x 1 mary user 18822 4 Apr 2018 vcfutils_1.pl
-rwxr-xr-x 1 mary user 20533 4 Apr 2018 vcfutils_2.pl

In this example, column 5 lists the size of a file/directory, column 6 is the date it was last modified and column 7 displays the file name. Additionally, column 3 lists the user who owns the file and column 4 shows the group owning the file. Column 2 represents the number of links to a file. We won’t go into detail here but this will generally be 1 for a standard file and a number greater than 1 for a directory.

Column 1 gives details of file permissions. It consists of 10 characters. The first character indicates whether a file has a special status. Most commonly, when the character is a d, this means that the listed file is a directory. The next nine characters are split into three groups of three. Characters 2 to 4 indicate permissions for the owner of the file, characters 5 to 7 for the group owners of the file and characters 8 to 10 indicate permissions for all other users. Within each group of three, if the first character is r, this means the user or group of users can read the file. If the second character is w, this means that the user or group of users can write to the file. Lastly, if the final character is x, this indicates that the file is executable by that user (i.e. it is a script or program they can run). A - in any of these positions means that permission is not granted. Please note that directories are always executable if a user has permission to look at them.

There are three commands used to change ownership and permissions of files. These are chown, which changes user ownership of a file, chgrp, which changes group ownership of a file, and chmod, which changes the permissions of a file.

Generally, chown can only be used by users with admin rights so you are unlikely to use this command. The general syntax is:

chown OPTIONS USER FILE[S]

Try running

man chown

to list the options available.

Changing group ownership with chgrp uses similar syntax to that used by chown i.e.

chgrp OPTIONS GROUP FILE[S]

Again, use man to check the options. The option most often used is -R to make changes recursively down a directory. A user can only change group ownership of a file they own. Similarly, a user may only change group ownership of a file to a group they are a member of.

Of the three commands listed above, chmod is the one you will probably use most frequently. It can be used in two ways. The first, known as numeric mode, unsurprisingly uses numeric arguments to set permissions for all three types of user (owner, group and universal). The basic syntax used is similar in some ways to the syntax used for chown and chgrp. It is

chmod OPTIONS THREE_DIGITS FILE[S]

As an example, chmod 666 file.txt will set a file called file.txt to be both readable and writable by the owner, the group and all users.

This site demonstrates the meaning of each digit and can be used to ensure you set permissions correctly:

The second way to use chmod is known as symbolic mode. It uses a similar syntax but letters and symbols (+ and -) to set permissions. There are always three characters to the argument when running chmod in symbolic mode. The first character must always be a letter and can be one of u (user), g (group), o (others) or a (all, i.e. anyone covered by u, g or o). The second character is a symbol and can be either + to add a permission level or - to remove a permission level. The third character is a letter, which can be one of r (make files readable), w (make files writeable) or x (make files executable). As an example, chmod g+w file.txt will make file.txt writeable by anyone with group ownership.
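To see how the numeric digits map onto the rwx characters from ls -l, and what the two chmod modes do to a real file, here is an added example (not part of the original course text). The function names are made up for illustration and the files are scratch files created with mktemp. It also shows why chmod 666 deserves care: the file ends up writable by every user on the system, which find can detect and chmod o-w can undo.

```shell
#!/bin/sh
# Added example (not from the original page). Function names are illustrative.

# mode_to_rwx 640  ->  rw-r-----
# Each digit is a sum of 4 (read), 2 (write) and 1 (execute).
mode_to_rwx() {
    case $1 in
        [0-7][0-7][0-7]) ;;
        *) echo "expected three octal digits, got: $1" >&2; return 1 ;;
    esac
    mode=$1 out=""
    while [ -n "$mode" ]; do
        # peel off the leading digit (owner first, then group, then others)
        rest=${mode#?}; digit=${mode%"$rest"}; mode=$rest
        for bit in 4:r 2:w 1:x; do
            if [ $(( $digit & ${bit%:*} )) -ne 0 ]; then
                out="$out${bit#*:}"
            else
                out="$out-"
            fi
        done
    done
    printf '%s\n' "$out"
}

# perms_after CHANGE...: apply each chmod argument in turn to a scratch file
# and print the nine permission characters that `ls -l` then reports.
perms_after() {
    f=$(mktemp) || return 1
    for change in "$@"; do
        chmod "$change" "$f" || { rm -f "$f"; return 1; }
    done
    ls -l "$f" | cut -c2-10
    rm -f "$f"
}

# world_writable DIR: list regular files under DIR that "others" can write to.
world_writable() {
    find "$1" -type f -perm -0002
}

echo "666 decodes to      $(mode_to_rwx 666)"
echo "chmod 666 gives     $(perms_after 666)"
echo "666 then o-w gives  $(perms_after 666 o-w)"
echo "644 then g+w gives  $(perms_after 644 g+w)"
```

Running world_writable on a directory you own is a quick way to spot files that were opened up further than intended.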

Setting file permissions correctly can be important but also takes some getting used to. As with anything related to the command line, practice is key.