LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 04-01-2006, 09:31 PM   #1
username132
Member
 
Registered: Jul 2005
Posts: 73

Rep: Reputation: 15
Understanding File Permissions


I'm reading a tutorial on file permissions and it gives;

-rwxr-xr-x- root root

# The superuser has the right to read, write, and execute this file
# Members of the group "root" can also read and execute this file
# Everybody else can read and execute this file


My interpretations is;

superuser can read, write, execute + bonus r
group root can execute and read/bonus r
everyone else can execute only


Could someone point out what I'm not getting?
 
Old 04-01-2006, 09:44 PM   #2
Simon Bridge
Guru
 
Registered: Oct 2003
Location: Waiheke NZ
Distribution: Ubuntu
Posts: 9,211

Rep: Reputation: 197Reputation: 197
No, you've got that right.

Why, what's wrong with that?

.............
A smaller sig would be nice.

I see you have two OLD PC's listed there.
The PII will run one of the newer distros, but you'll want a lighter version for that 486. Whatever - linux will run them much better than the old windows you have.

Suggest: DSL or Puppy for the 486. If you like DSL, it will install as Debian (one of the most powerful distros around) to the PII and you can get a graphical file manager.

See also: http://www.zegeniestudios.net/ldc/
 
Old 04-01-2006, 09:45 PM   #3
michaelsanford
Member
 
Registered: Feb 2005
Location: Ottawa/Montréal
Distribution: Slackware + Darwin (MacOS X)
Posts: 468

Rep: Reputation: 30
What do you mean by bonus r ?
 
Old 04-01-2006, 09:46 PM   #4
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 197Reputation: 197
Quote:
Originally Posted by username132
I'm reading a tutorial on file permissions and it gives;

-rwxr-xr-x- root root

# The superuser has the right to read, write, and execute this file
# Members of the group "root" can also read and execute this file
# Everybody else can read and execute this file


My interpretations is;

superuser can read, write, execute + bonus r
group root can execute and read/bonus r
everyone else can execute only


Could someone point out what I'm not getting?
Think of rwx as blocks. First block is user, second is group and third is the world.

rwxrwx--x root root would indicate like you said, root owns the file and can read, write and execute it. root is part of the root group, so it can also read, write and execute the file. Everyone who has access but is not root or in the root group can only execute the file.

Say you have rwxr--x--x root root, that means root user can read, write and execute and everyone else, including those in the root group can only execute the file.
 
Old 04-01-2006, 09:53 PM   #5
username132
Member
 
Registered: Jul 2005
Posts: 73

Original Poster
Rep: Reputation: 15
I see. The tutorial has the dashes in weird places. It should read;

rwx-rx-rx < now it matches what they're saying AND there are no "bonus rs" (rs that didn't represent anything in my interpretation of the file permissions).
 
Old 04-01-2006, 10:01 PM   #6
michaelsanford
Member
 
Registered: Feb 2005
Location: Ottawa/Montréal
Distribution: Slackware + Darwin (MacOS X)
Posts: 468

Rep: Reputation: 30
Not quite.

The sequence of dashes and letters is fixed: it's always "rwx" standing for read, write, execute (also know as "searchable"). The full line reads -rwrwxrwx and the order never changes (it can't be rwx-rx-rx because those dashes are where Rs should be).

Trickykid accidentally added an extra - in his example which I've bolded rwxr--x--x.

By the way, the first - indicates whether or not the "file" is a directory (or other special file), which is why most files are of the format -rwxr-xr-x, a directory with the same permissions would be drwxr-xr-x.

There is also a way to represent this numerically, but I won't get into that here.
 
Old 04-01-2006, 10:18 PM   #7
foo_bar_foo
Senior Member
 
Registered: Jun 2004
Posts: 2,553

Rep: Reputation: 51
your example has 11 permission bits when in reality there are only 12
3+3+3
but ls -l only shown 10
when you do ls -l the first one is for if its a directory a block device or like that
so lets say 13 if you count that one
so as extras you got the extra one for what kind of file plus
suid sgid and sticky
with ls -l
for suid and sgid x for group or user becomes s
sticky bit changes the last x to a t
accept for root as owner read and write really can't be turned off
even if ls -l says
----------
 
Old 04-01-2006, 10:22 PM   #8
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 197Reputation: 197
Quote:
Originally Posted by michaelsanford
Trickykid accidentally added an extra - in his example which I've bolded rwxr--x--x.
Actually, for my example, I accidently put an extra R not dash.
 
Old 04-01-2006, 11:45 PM   #9
puffinman
Member
 
Registered: Jan 2005
Location: Atlanta, GA
Distribution: Gentoo, Slackware
Posts: 217

Rep: Reputation: 30
How about a real world example here?

Code:
# ls -l /etc/apache2
total 79
-rw-r--r--  1 root root  2068 Jan 25 16:03 apache2-builtin-mods
drwxr-xr-x  5 root root  1024 Aug  7  2005 conf
-rw-r--r--  1 root root 37599 Jan 25 21:29 httpd.conf
-rw-r--r--  1 root root  3410 Aug  7  2005 local.conf
-rw-r--r--  1 root root 12958 Jan 25 16:03 magic
-rw-r--r--  1 root root 15020 Oct 25 20:49 mime.types
drwxr-xr-x  2 root root  1024 Jan 25 21:29 modules.d
lrwxrwxrwx  1 root root    29 Sep 21  2005 php.ini -> /etc/php/apache2-php4/php.ini
drwxr-xr-x  2 root root  1024 Aug  5  2005 ssl
drwxr-xr-x  2 root root  1024 Sep  4  2005 vhosts.d
This listing has three kinds of entities: files, directories, and a symlink. This status is indicated by the first character: 'd' for directories, 'l' for symlinks, '-' for regular files. The file httpd.conf is readable and writeable by root, and readable by everyone else. It's a config file so nobody needs to execute it. All the directories are readable and executable by everyone (which is needed to change or access a directory). This is on my desktop where I'm the only user, so it's not a security vulnerability . Symlinks are always rwx for everyone, because the permissions exist on the file that's being pointed to, not the symlink.

Permissions are sometimes abbreviated by 3 octal characters representing the rwx flags for each group. rwx is 111, or octal character 7. r-x is 101, or 5 octal. r-- is 100, or 4 octal. Thus, 755 is shorthand for rwxr-xr-x, and 644 is short for rw-r--r--, both very common settings, and the octal groups can be used directly with chmod.
 
Old 04-02-2006, 01:59 AM   #10
Simon Bridge
Guru
 
Registered: Oct 2003
Location: Waiheke NZ
Distribution: Ubuntu
Posts: 9,211

Rep: Reputation: 197Reputation: 197
Quote:
Originally Posted by trickykid
-rwxr-xr-x- root root
probably should be
Code:
-rwxr-xr-x root root
... and I think each one of us misread this slightly... we are used to seeing actual listing like those in puffinman's post.

According to these permissions ... only the root user can alter (write) the file. Everyone can read and execute the file.
Quote:
Originally Posted by trickykid
My interpretations is;

superuser can read, write, execute + bonus r
group root can execute and read/bonus r
everyone else can execute only
... So you are very nearly right.

You have grouped the permissions in the tutorial like this:

other: -x-
group: -xr
owner: wxr
bonus: -r

which is where the "bonus" comes from.
In actual fact - as pointed out - the permissions are always in the same order and the tutorial has added an extra "-" at the end (possibly as a misguided punctuation).

The first "-" indicated it is a regular file. Then, in tripplets after that, it goes:

owner: rwx
group: r-x
others: r-x

Now do you see?

It should always be in that order.
As far as the computer is concerned, these rwx thingies are not important. It reads the binary version.

read permission is binary 100
write permission is binary 010
execute permission is binary 001

just add them up for the total permission.

your example then reads:

permissions: 111101101

so you see the bits read off rwxr-xr-x if you stick a hyphen every time you get a zero.

Hopefully the overexplaination works.
 
Old 04-02-2006, 09:31 AM   #11
username132
Member
 
Registered: Jul 2005
Posts: 73

Original Poster
Rep: Reputation: 15
I really get it now, thanks! I had thought those dashes were just spacers, not actually representing values but now it all makes sense. Would take me a while to convert each option from binary to decimal. Thanks everyone for all your effort!!

Simon Bridge, sorry, I missed most of your first post thinking it was _your_ signature. Coincidentally, I got fed up of scrolling past my own signature and removed the less relavent of the two! Since the server I'm using is with two 333 processors, is there anyway I can make use of both cores?
 
Old 04-02-2006, 05:58 PM   #12
Simon Bridge
Guru
 
Registered: Oct 2003
Location: Waiheke NZ
Distribution: Ubuntu
Posts: 9,211

Rep: Reputation: 197Reputation: 197
I understand linux has multi-processor support out of the box. I've never needed it and have no experience of this.

Probably your first stop would be to check out your computer (compaq proliant 3000) in the HCL.
 
Old 04-03-2006, 01:23 AM   #13
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,261

Rep: Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028
You may find this man page helpful:
man chmod

chmod will accept either alpha modes eg rwx or octal eg 755
Personally I always find it easier to read alpha style.
In general, the 3 blocks represent user, group, other, so you can say
chmod ugo=rwx <filename>
which would set
-rwxrwxrwx
for a normal file ie you can't affect the first char, which as above, is the file type. Use the
file <filename>
cmd to check a type in detail eg binary executable vs script.
 
Old 04-03-2006, 04:42 AM   #14
Simon Bridge
Guru
 
Registered: Oct 2003
Location: Waiheke NZ
Distribution: Ubuntu
Posts: 9,211

Rep: Reputation: 197Reputation: 197
Quote:
Originally Posted by chrism01
chmod ugo=rwx <filename>
which would set
-rwxrwxrwx
... you would

In general, only do this to your personal files you don't mind everyone reading, altering, deleting... you know, linux malware exists: one of the ways to limit damage is to pay attention to the permissions.

And I prefer: chmod 777 fu.bar for the same effect
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Understanding UNIX/Linux file system LXer Syndicated Linux News 0 01-29-2006 07:01 PM
Understanding linux package building and user permissions MOPAULY Linux - Newbie 5 01-24-2006 11:39 AM
Understanding make file-help for newbie sceadu Programming 5 11-02-2004 04:25 AM
Understanding permissions - from a Windows user's perspective floydian219 Linux - Newbie 12 09-07-2004 08:10 AM
Trouble understanding chmod & group permissions gen-ik Linux - Newbie 3 07-19-2004 01:51 PM


All times are GMT -5. The time now is 05:56 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration