- Top >
- Computer >
- User's Manual >
- About Linux >
File and directory access permissions
This page briefly explains the access permissions to the files and directories on Linux workstations.
You can classify or share information by setting the access permissions appropriately.
How to check the permissions
To check the current access permissions, type the ls command followed by the -l option.
[ua999999@loginXX ~]% ls -l 合計 40 drwxr-xr-x 2 ua999999 users 4096 4月 7 18:00 public_html drwx------ 8 ua999999 users 4096 4月 7 18:00 smbhome
The letters to the left, such as r, w, and x, have the following meanings.
-
The "d" indicates a directory."l" and "-" represent a symbolic link and file respectively.
-
"r", "w", and "x" have the following meanings.
-
"r": file and directory read permissions
-
file and directory write (and delete) permissions
-
"x": file and directory execution permissions
-
"-": no file and directory rights
-
-
The second to fourth characters represent the permissions granted to the owner of that file or directory (in this case, ua999999).
-
The fifth to seventh characters represent the permissions granted to the group of that file or directory (in this case, users).
-
The eighth to tenth characters represent the permissions granted to those other than the owner and group of that file or directory.
In the above example, anyone can read public_html l but cannot create any files and directories. Only the owner, ua999999, can create files and directories in public_html.
For details about the ls command, refer to the manual by typing "man ls".
How to configure access permissions
To configure access permissions, use chmod command.
[ua999999@loginXX ~]% chmod go-rx public_html [ua999999@loginXX ~]% ls -ld public_html drwx------ 2 ua9999998 users 4096 4月 7 18:00 public_html
In the above example, the personal Web site is temporarily shut down.
The go-rx following the chmod command means "withholding (-) the read (r) and execute (x) permissions from the group (g) and others(o)".
To restore the permissions, execute the chmod command as shown below.
[ua999999@loginXX ~]% chmod go+rx public_html [ua999999@loginXX ~]% ls -ld public_html drwxr-xr-x 2 ua999999 users 4096 4月 7 18:00 public_html
The go+rx following the chmod command means "assigning (+) the read and execute permissions to the group (g), owner, and others (o)".
For example, to keep a file or directory private, execute the chmod command as shown below.
[ua999999@loginXX ~]% chmod go-rwx secret
For details about the chmod command, refer to the manual by typing man chmod.
Default settings
At the ITC systems, the default permission setting for newly created files and scp-transferred files is -rw-r--r-.
By default, drwxr-xr-x is set to newly created directories.
To change groups
To change groups, use chgrp command.
[ua999999@loginXX ~]% chgrp hogehoge public.html
In the above example, the public.html file group is changed to hogehoge.
To check the groups that can be changed via the current account, use the id command.
[ua999999@loginXX ~]% id uid=999999(ua999999) gid=100(users) groups=100(users),
For details about the chgrp command, refer to the manual by typing "man chgrp".
Combination of chmod and chgrp
By combining chmod and chgrp, you can create files and directories that can be shared with other account users of the same group.
[ua999999@loginXX ~]% ls -ld common drwxr-xr-x 2 ua999999 users 4096 4月 7 18:00 common [ua999999@loginXX ~]% chgrp hogehoge common [ua999999@loginXX ~]% chmod g+w common [ua999999@loginXX ~]% ls -ld common drwxrwxr-x 2 ua999999 hogehoge 4096 4月 7 18:00 common
In the above example, the common directory is moved to the hogehogegroup, for which account users are granted write permission.
Any account user belonging to the hogehoge group can create new files or directories.
Note that by granting the write permission, you also grant the delete permission.
Last-Modified: November 29, 2023
The content ends at this position.