File and folder permissions are one of the more important differences between Windows and Linux. In Linux's world, the file system is everything. If it isn't part of the file system, it doesn't exist and can't be manipulated, recognized, or used in any way. Controlling who and what can be done with a file then becomes a powerful means of enabling or disabling system functionality and access.
Any discussion of permissions on Linux can become rather complicated, rather quickly. It is rare to actually need to change file and folder permissions from the defaults, especially so outside of your /home. If you have concluded you need to do that, warning bells should sound and red flags should go up. Doing so can easily render your system non-functional or at best compromise your securiety. My first question to a new user about to change file and folder permissions would be, "Why do you think you need to change permissions from the default?" In many/most cases, especially when done outside your /home, you stand a good chance of adding another problem as opposed to solving your existing problem.
Having said that, there are times when it is necessary and/or desirable to adjust some specific permissions. Almost all your GUI file management programs offer some ability to adjust permissions. Unfortunately, I have found most to be limited and somewhat unreliable/inconsistent, depending on the distro, GUI program, and exact situation.
I prefer to do this from the CLI, (Command Line Interface), as it is more precise and reliable, as well as being universal across all the distro variations. There are two ways of doing it from the CLI, one text, the other numerical
. I prefer the numerical
method, though one is as good as the other, so that is what I will use for most of the examples below.
First ownership. This is an important setting, as it determines who owns and therefore controls the file/folder. We use the "chown" command for this. Changing/setting ownership requires root privileges. Example for a folder:
sudo chown -R fred
sudo gives us root privileges.
chown is the ownership command.
-R is the recursive option, to set the entire folder tree the same way.fred
:fredgrp is the owner and group to be set.
/Data is the path to the folder tree we are setting.
As you can see, it is a straight forward terminal command that shouldn't be too difficult to learn and retain, if you aren't the note taker type.
If all you need to do is set the file to execute, perhaps for a script you downloaded from a highly trusted source. And you don't want to take a chance on changing anything else, use the "chmod" command below. Again, root privileges are required:
sudo chmod +x /usr/local/puresex.sh
sudo gives us root privileges.
chmod is the command for setting permissions.
+x adds the execute bit.
/usr/local/puresex.sh is the path and file to set to execute.
Again, a pretty straight forward terminal command.
Now we get a bit more complicated. There is a bit that we will ignore in this discussion that is for SGID, SUID, and sticky bit that you would almost never use. If you want to know more about it you can Google it. But for now we will always set it, the first bit, to "0".
For each file/folder we can set read, write, and execute privileges for the owner, the group, and others. We can do this with a simple numerical
formula and add the columns to get the right numerical
value to use in the "chmod" command. The advantage to this method is it is less error prone, believe it or not. You are not as likely to forget something or get confused with the repetitive text, -, and +. Read has a value of 4. Write has a value of 2. And execute has a value of 1. The three columns are Owner, Group, and Others. I know I have you totally confused. Rather than try to draw a table demonstrating this I want to refer you to the url below. There is a handy table/calculator there that I am sure will clear it all up for you. Just look at it and click the permissions you want for each type of user and you will see how the values are tallied up. Try a few combinations to see how it works. If you can do simple addition, or even if you can't, you are home free. http://www.onlineconversion.com/html_ch ... ulator.htm
Example of the "chmod" permission setting command:
sudo chmod -R 0600 /home/fred
The first "0" is the sticky bit I talked about above. Can you figure out what permissions I just set recursively for my Data folder tree in my /home?
Good luck. Fred