Department of Electrical Engineering and Computer Science



File Permissions

This page explains how to use the built-in Linux file permissions to allow others to access your files.  On EECS computers, however, we recommend using Access Control Lists (ACLs) instead because basic linux permissions cannot share a file with a single user.  Instead, it shares files with all EECS users or with all of your default group (e.g. undergraduates).

Linux permissions define who can view and make changes to your files and directories.  Each file/directory has nine permission bits, which can be viewed using the -l option to the ls command. Here is an example:

prompt> ls -l
-rw-rw-r-- 1 bob undrgrad 0 May 11 16:20 file1
-rw------- 1 bob undrgrad 0 May 11 16:20 file2

The first column in the example output lists ten permission bits – the first bit describes the type of file. The permissions are of the format “rwxrwxrwx”. The first three bits are the owner's permissions, the next three are the group's permissions, and the last three are others's (i.e., everyone else's) permissions. The symbols have the following meanings:

SymbolMeaning
r Has permission to read the file/directory.
w Has permission to write to (change) the file/directory.
x Has permission to execute the file (program).

For example, file1 from the example output above may be read and changed by bob, read and changed by anyone in the undrgrad group, and only read by anyone else. file2 may be read and changed only by bob.

You can change the permissions on a file or directory you own using the chmod command (derived from change mode).

chmod mode filename

The mode argument is a three-digit octal number describing the permissions for the owner, group, and others respectively. Here is a table showing the interpretation of the various digits:

OctalPermissions
0 ---
1 --x
2 -w-
3 -wx
4 r--
5 r-x
6 rw-
7 rwx

Here are some examples:

CommandEffect
chmod 644 file2 Allows file2 to be read by anyone, but changed only by bob.
chmod 600 file1 Allows file1 to be read or changed only by bob.

chmod also accepts a mnemonic syntax for the mode argument. The three categories – owner, group, and others – are represented by u, g, and o respectively. Permissions can be added, removed, or copied by +, -, and = respectively. Here are some examples:

CommandEffect
chmod u+w Adds write permission for the owner of the file.
chmod ug=rw,o=r Gives read/write permission to owner and group, and read permission to others.
chmod a-x Removes execute permission for all three categories (owner/group/others).
chmod g=u Makes the group permissions the same as the owner's.
chmod -R g+r mydir Adds read permission for the group to all files in the mydir directory. (The R stands for “recursive”.)

 

The University of Tennessee, Knoxville. Big Orange. Big Ideas.

Knoxville, Tennessee 37996 | 865-974-1000
The flagship campus of the University of Tennessee System