Unix file and directory permission is in the form of a 3×3 structure. i.e Three permissions (read, write and execute) available for three types of users (owner, groups and others).
In the output of ls -l command, the 9 characters from 2nd to 10th position represents the permissions for the 3 types of users.
-rw-r--r-- 1 sathiya sathiya 272 Mar 17 08:22 test.txt
In the above example:
- User (sathiya) has read and write permission
- Group has read permission
- Others have read permission
Three file permissions:
- read: permitted to read the contents of file.
- write: permitted to write to the file.
- execute: permitted to execute the file as a program/script.
Three directory permissions:
- read: permitted to read the contents of directory ( view files and sub-directories in that directory ).
- write: permitted to write in to the directory. ( create files and sub-directories in that directory )
- execute: permitted to enter into that directory.
Numeric values for the read, write and execute permissions:
- read 4
- write 2
- execute 1
To have combination of permissions, add required numbers. For example, for read and write permission, it is 4+2 = 6.
Change File and Directory Permissions Using Chmod Command
You can use either the octal representation or symbolic representation to change the permission of a file or directory.
Octal representation for permissions:
- First number is for user
- Second number is for group
- Third number is for others
For example, give read, write ( 4+2 = 6 ) to user and read ( 4 ) to group and others.
$ chmod 644 filename
For example, give read, execute ( 4 + 1 = 5 ) to user and read (4 ) to group, and nothing ( 0 ) to others.
$ chmod 540 filename
For example, give read, write ( 4 + 2 = 6 ) to user and nothing ( 0 ) to group, and read ( 4 ) to others.
$ chmod 604 filename
Umask 022 is Responsible for the default permission of a file
The default umask value is 0022, which decides the default permission for a new file or directory. Default permission for a directory is 0777, for files the permissions are 0666 from which the default umask value 0022 is deducted to get the newly created files or directory permission.
Final default permission for a file is calculated as shown below:
- Default file permission: 666
- Default umask : 022
- Final default file permission: 644
Final default permission for a directory is calculated as shown below:
- Default directory permission: 777
- Default umask: 022
- Final default directory permission: 755
You can change the umask value to appropriate value of what you need based upon the above calculation. For example, if you don’t want anybody other than the user (owner) to do anything on the file or directory then you can give umask as 0077.
$ umask 0077
After this, if you create a file or directory, it will have permissions only for the user as shown below:
$ > testfile $ ls -l testfile -rw------- 1 sathiya sathiya 0 Mar 17 08:23 testfile