🎁Demystifying Linux File Permissions and Access Control Lists (ACLs), Part 1

As a Linux sysadmin or super user, mastering file permissions and Access Control Lists (ACLs) is crucial for securing systems and managing multi-user environments. Whether you’re safeguarding sensitive data or setting up shared directories for collaboration, understanding commands like chmod, chown, and setfacl is essential. In this guide, I’ll break down traditional Linux file permissions, dive into advanced ACLs, and provide practical examples to streamline your workflow. Plus, I’ve included a visual diagram and a downloadable cheat sheet to make these concepts stick.

Why File Permissions and ACLs Matter

File permissions in Linux determine who can read, write, or execute a file or directory, forming the backbone of system security. Misconfigured permissions can lead to unauthorized access, while overly restrictive settings can hinder collaboration. ACLs extend traditional permissions by offering fine-grained control, allowing you to grant specific access to multiple users or groups. For sysadmins, mastering these tools ensures secure, efficient, and collaborative environments—whether managing a single server or a large network.

Understanding Traditional Linux File Permissions

Linux uses a permission model based on 3 entities: user (owner), group, and others. Each entity can have read (r), write (w), and execute (x) permissions, represented in symbolic (e.g., rwxr-xr-x) or octal notation (e.g., 755). Here’s a quick breakdown:

  • Read (r): View file contents or list directory contents (value: 4).
  • Write (w): Modify a file or create/delete files in a directory (value: 2).
  • Execute (x): Run a file as a program or enter (traverse) a directory (value: 1).

The ls -l command displays permissions like this:

-rwxr-xr-x 1 alice developers 4096 Jul 10 2025 script.sh

Here, alice (user) has rwx (7), developers (group) has r-x (5), and others have r-x (5). We can use chmod to modify permissions and chown to change ownership.

Key Commands

  • Check current permissions and ownership: ls -l
  • Change Permissions: chmod
  • Set permissions using symbolic notation: chmod u+x script.sh
  • Set permissions using octal notation: chmod 755 script.sh
  • Change Ownership: chown
  • Assign a new owner or group: chown alice:developers script.sh

Example: To make a script readable, writable, and executable by the owner, read-only for the group, and inaccessible to others:

chmod 740 script.sh && ls -l script.sh

-rwxr----- 1 alice developers 4096 Jul 10 2025 script.sh
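
An added example (not part of the original article): a POSIX shell function that converts the mode string printed by ls -l into octal, so the 740 result above can be checked mechanically. It goes slightly beyond this article by also handling the setuid/setgid/sticky letters and the trailing + that ls prints when a file carries an ACL. The names perm_to_octal and mode_of are made up for this illustration.

```shell
#!/bin/sh
# Added example (not from the original article).

# perm_to_octal MODE: print the octal form of an ls-style mode string.
# Accepts 9 flags ("rwxr-x---") or the full ls field ("-rwxr-x---");
# a trailing "+" (ACL present) or "." (SELinux context) is ignored.
perm_to_octal() {
    mode=$1 special=0 out=""
    # Drop the leading file-type character when the full field is given.
    if [ "${#mode}" -ge 10 ]; then mode=${mode#?}; fi
    for pos in 1 2 3; do                  # 1=user, 2=group, 3=others
        rest=${mode#???}
        triplet=${mode%"$rest"}
        mode=$rest
        digit=0
        case $triplet in r??) digit=4 ;; -??) ;; *) return 1 ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; ?-?) ;; *) return 1 ;; esac
        # Third flag: x, -, or a special bit. s = setuid (user) / setgid
        # (group), t = sticky (others); upper case means "without execute".
        case $pos$triplet in
            ???x) digit=$((digit + 1)) ;;
            ???-) ;;
            [12]??s|3??t) digit=$((digit + 1))
                          special=$((special + (4 >> (pos - 1)))) ;;
            [12]??S|3??T) special=$((special + (4 >> (pos - 1)))) ;;
            *) return 1 ;;
        esac
        out=$out$digit
    done
    if [ "$special" -gt 0 ]; then out=$special$out; fi
    printf '%s\n' "$out"
}

# mode_of FILE: octal mode of FILE, taken from the first field of ls -ld.
mode_of() {
    perm_to_octal "$(ls -ld -- "$1" | cut -d' ' -f1)"
}

# Demo on a throwaway file (constructed sample created by mktemp).
demo_file=$(mktemp)
chmod 740 "$demo_file"
printf '%s -> %s\n' "$(ls -ld -- "$demo_file" | cut -d' ' -f1)" "$(mode_of "$demo_file")"
rm -f -- "$demo_file"
```

A leading fourth digit in the output (for example 4755) means a setuid, setgid, or sticky bit is set, which is worth noticing when reviewing permissions on executables and shared directories.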

Permissions Diagram

Now for the promised diagram. Below is a visual breakdown of Linux file permissions to clarify the user/group/other structure:

Caption: The permission string (e.g., rwxr-xr-x) breaks into 3 sets of 3: user (owner), group, and others, each with read (r), write (w), and execute (x) flags. Octal values (e.g., 7 = rwx) simplify permission settings.

Now that you understand how Linux file permissions work on the surface, in Part 2 I’ll take you deeper—showing you how to change permissions securely, avoid common pitfalls, and automate permission audits.

If you’ve ever misused chmod 777, you won’t want to miss it!