File permissions are a crucial part of dealing with Linux based systems and are one of the essential aspects to grasp.
As Linux is an operating system that supports multiple users, it has to rely on a permission system to provide some security and privacy.
If Linux didn’t contain a permission system, then any user would be able to access any other user’s files, this includes the root system files.
By implementing permissions, Linux can control who can interact with a particular file.
For every file, Linux maintains a record on what user and group own it. In addition to this, it also holds permission bits.
These permission bits tell the system what users, groups, or other (Everyone else) can do to a file, whether that be writing to the file, reading the contents of the file, or executing the file.
Permissions are something that we rely on for a few of our Raspberry Pi projects, so gaining knowledge on how they work can be incredibly helpful.
Before we take a deep dive into permissions, we will first go ahead and explain the different permission groups that exist within Linux.
In Linux, there are three distinct permission groups, User, Group, and Other.
User Permission Group
This group holds permissions for the user that is currently marked as the owner of the file or directory.
Typically this is the user that created the file, but ownership can be changed in Linux by making use of the
Group Permission Group
This permission group is used to define permissions that apply to all members of the group that currently owns the file or directory.
For example, if the group that owns the file or directory is called “pimylifeup” then all users who belong to that group get assigned these permissions.
Like the user permission group, this defaults to the same group of the user who created the file/directory.
You can change the group of a file or directory by making use of the
chown or the
Other Permission Group
This permission group is for users who are not the owner or group member of the file or directory.
Typically you would heavily restrict the permissions used for this group as any user gets assigned these permissions.
For example, you would likely not allow anyone in this group to write or execute a file.
Permissions in Linux
In Linux, there are three different permissions that you can specify for each of the three permission groups. These three permissions are Read, Write, and Execute.
When set for a file, the read permission allows the permission group to open and view its contents.
When set for a directory, it allows the group to list the contents of the directory.
When the write permission has been set for a file, it means that the permission group will be able to modify that file.
When the write permission has been assigned to a directory, the permission group will be able to add, delete, and rename files stored in that directory.
There are a few more things you have to take into consideration when dealing with write permissions.
If you permit a group to write to a file but not a directory, then the user will only be able to modify the contents of that file.
Without the write permission on the directory, the permission group will not be able to add, delete or rename any files within it.
With the execute permission set on a file, that permission group will be able to execute the file.
If the file is not an executable program, then it is best not to set any execute rights on the file.
When the execute permission is set on a directory, it means that a permission group will be able to change into the directory and access any of its files.
Viewing permissions on Linux
Within Linux, you can view both the owner of a file and the permissions set to it by making use of the
ls -l command.
For example, if you use this command to get the details of a file such as our example file called
samplefile, you will see similar details to the following.
You will see that the
ls -l command returns several different columns of information.
For this guide, we will only be focusing on the first, third, and fourth columns as these all directly relate to permissions.
The first column contains the file type as well as the permission bits.
The first character in the column makes a note of the file type. If this is just a normal file like in our example, then this will be
-, if this is a directory then the character displayed would be
There are also a few other characters that this can be but we will save that for another guide.
The next nine characters are the permission bits. You can separate these nine characters into 3 character sets.
First Permission Set
The first set being the permissions for the user owner. From our example, this means the owner has the following three permission bits:
Second Permission Set
The second set is the permissions for the group owner. From the example, you can see that the group has the following permissions set:
Third Permission Set
The final and third set contains the permissions for others. Again, from our example, you can see that others group has the same permissions as the group owner:
The Permission Characters
Each of these sets contains three possible permissions that can be set.
A group that has every permission enabled would look like
r stands for Read,
w stands for Write, and
x stands for Execute.
If a particular permission is disabled, then its spot will be replaced with a hyphen (
For example, if the group doesn’t have the write permission, then its permission bits would be
r-x. With the write column being replaced with a hyphen.
|r||Read permission||Allows the permission group to read the contents of the file or directory|
|w||Write permission||Allows the permission group to write content to the file or directory|
|x||Execute permission||Allow the permission group to “run” a file.|
|–||Disabled Permission||Blocks a permission group from running the permission its replacing.|
This column specifies the username of the user that owns the file or directory.
When setting permissions for the “Owner” permission group, this is the user that it affects.
For example, if the owner of the file is a user called pi and they have the permissions
rw- set, then that user will only be able to read and write to that file or directory.
The fourth column specifies the name of the group that owns the file or directory.
When you set permissions for the “Group” permission group, they will affect all users who are members of that group as long as they are not the owner of the file/directory.
For example, let’s assume we have a group called raspberry that had three users called “my“, “life” and “up“. Permissions defined for this group will effect all three of those users when interacting with the file or directory.
Changing Permissions in Linux
In Linux you can modify the permissions assigned to a file or directory by making use of the
To modify permissions you will need a user that has superuser privileges.
Below is an example of using the command on Linux.
chmod u+w samplefile
With this command, we are using symbolic notation to give the owner permission group write privileges on a file called samplefile.
We delve further into how to make use of this command in our basics of the chmod command guide.
Hopefully, at this point, you will now have a basic understanding of how permissions work in Linux.
If you need any help in figuring out permissions or have any feedback, then feel free to drop a comment below.