WSU logo


College of Engineering & CS
Wright State University
Dayton, Ohio 45435-0001

CEG 333: Introduction to Unix

Prabhaker Mateti

Permissions and Ownership

Permissions are the Unix way of keeping track of which users can do what to files. Ownership determines which of a file's permissions apply to users. Both are displayed in an "ls -l" listing.

There are three basic permissions: read ("r"), write ("w"), and execute ("x"). Users are allowed to perform these operations on a file if and only if the corresponding permission is set for them on that file (a file's permissions are collectively referred to as its mode). Note: the executable permission has a special meaning for directories. Without it, a user cannot cd into a directory, no matter what others are set.

Every file has three sets of permissions. One applies to the user who owns the file ("u"), one to the file's group ("g"), and one to all other users on the system ("o"). For example, a file can be readable by everyone but writable only by the users belonging to that file's group.

Permissions are changed by the chmod utility, which has a very simple syntax:

      chmod [-R] [who][op][mode] FILENAME...
  1. First is the mode to change: one or more of the letters, "u", "g", or "o", as explained above, or "a" to set all three to the same value.
  2. op is the operation to perform: "=" to replace, "+" to add, or "-" to remove.
  3. mode gives permissions to use with that operation: one or more of the letters, "r", "w", or "x", also explained above.
  4. If the -R option is present, chmod recurses into subdirectories.

Ownership is changed by the chown utility:

      chown [-R] [user][:group] FILENAME...

Where either a username, a groupname, or both must be present. Note: If only the groupname is present, it must be prefixed with a colon. If the -R option is present, chown recurses into subdirectories.

An example:

      $ ls -l
      -rw-r--r--  1 user group1 0 Apr 1 15:33 example
      $ chmod a+x example
      $ chown user:group2 example
      $ ls -l
      -rwxr-xr-x  1 user group2 0 Dec 23 23:55 example
      $ chmod a= example
      $ chmod u+w example
      $ ls -l
      --w-------  1 user group2 0 Jan 11 99:07 example

Note 1: Modes are sometimes written numerically. This is an octal (base 8) code of three digits in which (from right to left) the first digit is other, second is group, third is the user. Each digit is the sum of any combination of 4 (read), 2 (write), and 1 (execute).

Note 2: There are other, advanced, permissions represented by the letters such as "s", "S", "X". Numerically, these are the fourth digit from the right. See man chmod for more information.