February 22, 2019

Sharing Files in Linux and Understanding Pathnames - page 2

Going Dotty in the Linux Filesystem

  • February 25, 2009
  • By Akkana Peck

In the filesystem navigation article, I talked about how Sue can access files in Fred's home directory by using the shortcut ~fred. But of course, Sue can't necessarily read or change Fred's files ... right?

Find out with another handy ls flag: ls -l (that's an ell, for "long", not a one.). You'll see a lot of lines that look something like:

drwx--x---  2 akkana family      48 2007-08-27 20:25 Pets
-rw-r-----  1 akkana users   568918 2007-11-17 21:03 rosette.pdf
-rw-r-----  1 akkana family   97388 2008-11-06 14:23 fido.png

... and so on. What does it all mean?

The first part, -rw-r--r--, is the one we're after right now. The very first character tells you whether you're looking at a directory ("d"), a plain file ("-") or something less common like a link or a device driver.

The rest of it concerns permissions, and they come in three clusters, called owner (the owner of the file), group (anyone in the same "group" as the file: the group is listed right after the owner, so "family" and "users" in the listing are both group names) and world (anyone else).

Each of those three includes three permissions that can be on or off: r, for read; w, for write; and x, for execute. Read and write permissions are obvious: they describe whether the file can be read or written to. Execute is used for programs and scripts: you need execute permission before you can run something. A dash, -, means that permission is not set.

So a file like "rosette.pdf" in the listing above, with a permission of "rw-r-----", breaks down into "rw-", "r--", and "---", so it has these permissions:

Owner: rw- The file's owner, the user akkana, can read and write the file
Group: r-- Anyone in the same group file's owner can read it but not write it
World: --- Anyone else can't even read it

Directories are only slightly trickier. Read permission on a directory means you can list the files inside it, with ls or any file manager. Write permission means you can add new files or remove files that are already there. Execute permission means you can cd into the directory, or access files inside it -- but you can't actually list the files inside a directory unless you have read permission.

For instance:

drwxr-xr-x  2 akkana family      48 2007-08-27 20:25 Music
drwxr-x--x  2 akkana family      48 2007-08-27 20:25 Photos

Anyone can play music from the Music directory or explore what music files are there: it's both readable and executable by anyone, whether or not they're in the "family" group. For Photos, though, anyone who's "family" can cd into the directory or list the photos ("r-x"), but not someone who isn't in group "family" can't list the photos. They can view a photo inside the Photos directory if I tell them its name, like Photos/fido.jpg, but they can't search for it.

Permissions seem a little complicated at first, but remember to break down the permissions string into three groups and they'll seem much simpler.

Akkana Peck is a freelance programmer whose credits include a tour as a Mozilla developer. She's also the author of Beginning GIMP: From Novice to Professional.

Most Popular LinuxPlanet Stories