Linux服务器 Detailed Explanation of Linux File Permissions Linux Permission Management chmod Tutorial File Permission Settings Linux Beginner's Tutorial 2025-12-08 108 views

1. Why File Permissions Are Needed?

In the Linux system, file permissions act like a “key” that controls who can access a file and in what way. Incorrect permission settings can lead to files being accidentally deleted, maliciously modified, or even server data leaks. For example, if a document intended for team collaboration is open to everyone, it might be tampered with by irrelevant parties; conversely, overly strict permissions might prevent you from editing the file yourself. Thus, understanding and correctly setting file permissions is fundamental to Linux system administration.

2. Identity Labels for Permissions: User and Group

Each file (or directory) is associated with three types of users:
- Owner (User): The creator of the file, with the highest control (unless modified).
- Group (Group): The user group the file owner belongs to; members within the group share group permissions.
- Others (Others): Users who are neither the owner nor members of the owner’s group.

The core of permissions is: Setting “read, write, execute” permissions for each of these three user types, allowing or disallowing them.

3. Two Representation Methods of Permissions

Linux represents permissions in two ways; beginners must master the conversion between “symbolic form” and “numeric form”:

1. Symbolic Form: Intuitive and Easy to Understand

Take -rwxrwxrwx as an example. It has 10 characters divided into 4 parts:
- First character: File type (- for regular file, d for directory, l for link, etc.).
- 2nd-4th characters: Owner permissions (r for read, w for write, x for execute; - for no permission).
- 5th-7th characters: Group permissions.
- 8th-10th characters: Others’ permissions.

Permission Meaning Quick Reference:
| Character | Meaning | Numeric Value |
|-----------|---------|---------------|
| r | Read (view content) | 4 |
| w | Write (modify/delete file) | 2 |
| x | Execute (run program/enter directory) | 1 |
| - | No permission | 0 |

2. Numeric Form: Fast Calculation

Convert symbolic permissions to an octal number (0-7), where r=4, w=2, x=1. Sum the values for each user type.
Example:
- rwx (Owner): 4+2+1=7
- rw- (Group): 4+2+0=6
- r-x (Others): 4+0+1=5
Combined as 765.

4. File vs. Directory: Differences in Permissions

Permissions affect files and directories differently, a common source of confusion for beginners:

Type r (Read) w (Write) x (Execute)
File View content Modify content Execute the file (e.g., script, binary program)
Directory List directory contents (ls) Create/delete files within the directory Enter the directory (cd)

5. How to Modify File Permissions?

Common commands: chmod (change permissions), chown (change owner/group).

1. chmod: Modify Permissions

  • Symbolic Form: Use u (user), g (group), o (others), a (all users) with + (add), - (remove), = (set exact permissions).
    Examples:
  • chmod u+x file.txt: Add execute permission to the owner (u+x).
  • chmod go-r file.txt: Remove read permission from group and others (go-r).

  • chmod a+rwx file.txt: Add read/write/execute permissions to all users (a+rwx).

  • Numeric Form: Directly use octal numbers to specify permissions.
    Examples:

  • chmod 755 file.txt: Owner rwx (7), Group r-x (5), Others r-x (5).

  • chmod 644 file.txt: Owner rw- (6), Group r-- (4), Others r-- (4).

  • Recursive Modification for Directories: Use -R to apply to all subfiles/directories.
    Example: chmod -R 755 /home/user/docs/

2. chown: Change Owner/Group

  • Change owner: chown new_owner file/directory
    Example: chown alice file.txt (change owner of file.txt to alice).

  • Change group: chown :new_group file/directory
    Example: chown :dev-team file.txt (change the group of file.txt to dev-team).

  • Change both owner and group: chown new_owner:new_group file/directory
    Example: chown alice:dev-team file.txt.

6. Special Permissions: SUID, SGID, SBIT

After mastering basic permissions, learn special cases for common scenarios:

  • SUID (Set UID): Temporarily grants the file owner’s permissions to programs when executed.
    Example: chmod u+s /usr/bin/passwd (normal users can run passwd as root to modify passwords; only valid for binary programs).

  • SGID (Set GID): Temporarily grants the file’s group permissions to programs, or automatically inherits the group for new files in a directory.
    Example: chmod g+s /home/shared (new files created in /shared inherit the group of /shared).

  • SBIT (Sticky Bit): Only for directories, preventing ordinary users from deleting others’ files.
    Example: chmod o+t /tmp (users can only delete files they created in /tmp).

7. Common Issues and Pitfalls

  1. Can’t modify a file as a regular user?
    Insufficient permissions. Ensure you are the file owner, or have been added to the group with write permissions.

  2. Subfiles not updating after directory permissions change?
    Use recursive modification: chmod -R 755 dir/.

  3. Incorrect permission calculation?
    Remember: r=4, w=2, x=1. For example, rw-r--r-- is 644 (6=4+2, 4=4+0, 4=4+0).

Summary

File permissions are the core of Linux system security. Beginners should first master:
1. Conversion between symbolic form (rwxrwxrwx) and numeric form (755).
2. Two modification methods for chmod (symbolic/numeric).
3. Differences between file and directory permissions.

Through practical operations (e.g., creating test files, modifying permissions, observing effects), you will quickly become proficient!

Related Articles

Essential for Beginners: A Detailed Explanation of Linux User Permission Management 2025-12-08 Linux System Maintenance: Essential Basic Knowledge for Beginners 2025-12-08 Linux User Permission Management: Resolving Common Issues for Beginners 2025-12-08 Common Issues for Beginners: How to Troubleshoot Linux Service Startup Failures 2025-12-08 Essential Linux Command Line Tips for Beginners 2025-12-08
Xiaoye