In the last articles, specially on the ls command one, you have seen examples of listing your files and directories. And if you paid attention, you noticed those weird characters right in the beginning of the line. Well, those funny guys are what is called the file/directory permissions, and are used to control access to all system resources in Linux. Did I get your attention? Good! Keep reading!
All files and directories have a set of 10 bits of information, that determine who owns what, who can access, who can change.. Resuming, by modifying these 10 bits of information, you have full control on resources!
So, what are those R’s, W’s and X’s? What about the rest?
Well the first bit, is the type bit the first of ten permission bits. It can be different, depending on the type of the object.
- - = This is used for normal files
- d = it’s used for directories
- l = used in symlinks (objects that point elsewhere, to other objects)
- b= used for special block devices files
- c = used for special character device.
The next bits (nine actually) are what we call the three permissions trios. Each single trio, is composed by 3 bits, in which, depending on the values (0 or 1) are either set, or unset. Each trio corresponds to a specific “group”: the first permission bit, is the “user” trio, and affects the owner of the object, or, simply speaking, if the user owns the file, this is his affecting trio; the second trio, is the “group” one, and only affects the object’s group. If the the user does not own the object, his primary and secondaries groups are checked, and the “group” permission trio kicks in. For the last we have the “Others” trio bits, that affect everyone else that neither is the owner or belongs to a group that owns the object…. The rest of the world!
Like I said, depending if those trios are on or off (1 or 0) you will get the corresponding permissions. If you have 1 (ON) you get a letter, and if you get 0 (OFF) you get a -. When we talk of files, the first bit of the trio, corresponds to the READ permission, meaning if it let’s you view the files contents. The second bit, corresponds to the WRITE permission, and this decides if you can change that file’s contents, but also his permissions, ownership and everything else. The last, but not the least, corresponds to the EXECUTE bit, which need to be set ON, if you want for example run a script (in fact, scripts also need the READ bit).
And so on for the three separate trios, I think its simple!
In binary code, 111 corresponds to the decimal number 7, because the first bit corresponds to the decimal number 4, the second to 2 and the third to 1. It’s important to know this small logic behind binary numbers, because we need to master this so we can set or modify permissions in files (later in a new article). So for example to set a read/write/not-execute permission, you will use the 6 decimal number (4+2+0). For just reading you use only the 4 (4+0+0). Simple right?
If you take one last look at the example above you will see extra stuff… Look at part where it says “mgarces mgarces“. This is the owner and the group for that object, correspondingly. In this case, since I’m user mgarces, if I try to access to misc.txt, only the first permission trio will be checked, because I’m the owner for that file. I have the read and the write permission, but not the execute one… Cool =)
Thats it! No more theory. Tomorrow I’ll promise we will get our hands dirty using permissions on our system. Understand this and you will not have any problems manipulating your files. Cya soon!
![[del.icio.us]](http://images.del.icio.us/static/img/delicious.small.gif){kind=small}
0 comments ↓
There are no comments yet...Kick things off by filling out the form below.
Leave a Comment