Thursday, June 28, 2012

Intro to File Permissions

Intro to File Permissions

Ever want to know who has access to your files and what they're allowed to do to those files? Turns out there are permissions that do exactly those two things.

Let's start by listing out the folder contents in long format with ls -l (shortcut: ll)

alchemist@BogWarfs:/opt/test$ ll
total 12
-rw-r----- 1 organdr  dwarves   100 Jun 26 22:26 dwarvenVault
-rw-r----- 1 deltys   elves     113 Jun 28 22:55 elvenVault
-rw-r----- 1 herpderp goblins   109 Jun 28 22:56 goblinVault
alchemist@BogWarfs:/opt/test$ cat dwarvenVault 
cat: dwarvenVault: Permission denied

Breakdown

Starting from right-to-left.

Filename

You can bequeath names in the common tongue.

-rw-r----- 1 organdr  dwarves   100 Jun 26 22:26 dwarvenVault

File name.

Modify Time

Timestamp. If you touch it, it will change. There are different timestamps too but that's a topic for another day.

-rw-r----- 1 organdr  dwarves   100 Jun 26 22:26 dwarvenVault

File Size

The file size here is 100 bytes. Whoopie.

-rw-r----- 1 organdr  dwarves   100 Jun 26 22:26 dwarvenVault

Group Name

This file belongs to the group, 'dwarves'. A file can have at most one group.

-rw-r----- 1 organdr  dwarves   100 Jun 26 22:26 dwarvenVault

Owner Name

This file belongs to the user, 'organdr'. A file can have at most one owner.

-rw-r----- 1 organdr  dwarves   100 Jun 26 22:26 dwarvenVault

Links

There is one link to the file. Topic for another day.

-rw-r----- 1 organdr  dwarves   100 Jun 26 22:26 dwarvenVault

Permissions

This is actually a multi-part permissions ACL - Access Control List.

rw-r----- 1 organdr  dwarves   100 Jun 26 22:26 dwarvenVault

This row of dashes and letters has all sorts of meaning. Let's go through what each of the letters stand for. The meanings of these words are lost to mankind.

  • d - directory
  • r - read
  • w - write
  • x - execute

There are actually 4 groupings of permissions here.

-           Directory (in this case, off) 
 rw-        Owner Permissions (organdr)
    r--     Group Permissions (dwarves)
       ---  Global Permissions (everyone else)

From this ACL we can see that Organdr can read/write to the dwarvenVault, Dwarves can read from the Vault, and everyone else isn't allowed to do anything to dwarvenVault.

That's enough for one sitting, we'll talk about changing permissions in the next entry.

Posted by at
Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)