Users, Groups & Permissions

💤0
Lv 10 XP
← 🧱 Foundations · Linux Fundamentals

Users, Groups & Permissions

Beginner ⭐ 50 XP ⏱ 18 min #linux#permissions#security

Control who can read, write, and execute files using Linux's user/group/other model and chmod.

📖Theory

Every Linux file has an owner and a group, and three sets of permissions: for the owner (user), the group, and everyone else (other). Each set grants read (r), write (w), and execute (x).

When you run ls -l you see something like -rwxr-xr--. The first character is the file type (- file, d directory, l symlink). The next nine are the three permission triples. Each permission has a numeric value: r=4, w=2, x=1. Add them per triple to get the familiar three-digit modes like 755 or 644.

  • chmod changes permissions
  • chown changes the owner/group
  • On directories, x means “can enter/traverse”, not “execute”
🌍Real-World Example
ls -l script.sh           # -rw-r--r-- 1 alex devs 0 Jun 22 script.sh
chmod +x script.sh        # add execute for everyone
chmod 750 script.sh       # owner rwx, group r-x, others nothing
chmod u+w,o-r notes.txt   # symbolic: add owner write, remove other read
chown alex:devs file      # set owner to alex, group to devs
sudo chmod -R 755 /var/www  # recurse into a directory tree
✍️Hands-On Exercise
  1. Create a file and view its default permissions with ls -l.
  2. Make it executable for the owner only using symbolic mode.
  3. Set a file to 640 and explain who can read it.
  4. Use chown (with sudo) to change a file’s group, then verify with ls -l.
🧾Cheat Sheet
ModeMeaning
r = 4, w = 2, x = 1Permission values
chmod 644 fOwner rw, others read
chmod 755 dCommon for dirs/scripts
chmod +x fMake executable
chmod -RApply recursively
chown user:group fChange ownership
umaskDefault-permission mask
SUID / SGID / stickySpecial bits (4/2/1 prefix)
💬Common Interview Questions
What does chmod 755 mean?

Owner gets read+write+execute (7), group and others get read+execute (5). Common for directories and executable scripts.

What does the execute bit do on a directory?

It allows traversing into the directory (accessing files inside by name). Without it, you cannot cd into or access paths under the directory even if you can list it.

What is the sticky bit used for?

On a shared directory like /tmp, it restricts file deletion so only the file’s owner (or root) can remove it, even though everyone can write there.

📚Official Documentation

📝 My notes on this topic

Auto-saves as you type