Users and groups of users in Linux and how to calculate the permissions

U

Everything in a Linux system happens in a very strict way. Nothing is accidental. Let’s have a look at the tables below:

The following table shows us the codes for granting access rights to a file:

Each user of a Linux system has a name (for example: mvps); this user is associated with certain groups; to see the groups in which a particular user is located, there will be run the following command: groups username:

mvps@mvps:~/Desktop$ groups mvps
mvps : mvps adm cdrom sudo dip plugdev lpadmin sambashare

Every user of a system has or does not have certain rights on a file. Supposing we talk about a document: there might be users that may not see the file at all or they can only read it or edit it or they can have write rights on it.

Permissions are granted to the owner, to a group or to others:

Owner – who created that file
Group – Users belonging to the groups where the owner is a member
Other – all other users

To calculate the permissions

In the binary system 1 means that the option is enabled, 0 that it is disabled. We do not do maths now, but we can remember that the octal system (numbers only from 0 to 7) can be represented in binary with 3 characters: the first on the right has the value 0, the second on the right has the value 2, the third on the right has the value 4. Thus, in the example above, 110 means 4 + 2 + 0 = 6. Another example: 111 = 4 + 2 + 1 = 7.

Also from the last table, we note that:

• the owner has the right to write and read the file (without the right to execute)
• the group has the right to write and read the file (without the right to execute)
• others have the right to write and read the file (without the right to execute)

It is very easy to see all the rights a file has in Linux:

mvps@mvpsnet:~/Desktop$ ls -l
total 52
drwxrwxr-x 4 mvps mvps 4096 Jun 20 02:43 vps
-rwxrwxrwx 1 mvps mvps 93 Jun 19 12:32 HO_script
-rw- r—– 1 mvps mvps 37126 Jun 25 03:15 ubuntu.jpg

Let’s look at the first row from left to right:

• d – shows us that this is a directory
• the following three characters (rwx) define the rights of the owner: rwx = 4 + 2 + 1 = 7, ie total rights (reading, writing, execution)
• the following 3 characters (rwx) define the rights of the users in the groups to which the owner mvps belongs to: rwx = 4 + 2 + 1 = 7, ie total rights (reading, writing, execution)
• the last 3 characters (r-x) define the rights of other users: r-x = 4 + 0 + 1 = 5, ie only the right to read and execute

In other words, the permissions for the directory other can be written as 775.

Similarly, it also determines the permissions for the other files in the given output as an example:

• HO_script is a regular file (the character d doesn’t appear; only -) with permissions 777 – all system users have total rights over it (read, write, execute)
• ubuntu.jpg is a regular file with 640 permissions – the owner has the right to read and write, the groups of the owner can only read (view the image) and the others have no right to this file.

The above described are shown schematically in the following illustration:

– rwx rwx rwx
↑ ↑ ↑ ↑___ Read, write, and execute permissions for all other users.
| | |____ Read, write, and execute permissions for the group owner of the file.
| |______ Read, write, and execute permissions for the file owner.
|________File type: – indicates regular file; d indicates directory.

About the author

Ilias spiros
By Ilias spiros

Recent Posts

Archives

Categories