< How to view file permissions >
You can view the access permissions of a file by doing the long directory listing with the ls -l
command. This is what a long directory listing might look like:
me@puter: /home/writers$ ls -l
total 17
drwxr-xr-x 3 nana writers 80 2005-09-20 21:37 dir
-rw-r----- 1 nana writers 8187 2005-09-19 13:35 file
-rwxr-xr-x 1 nana writers 10348 2005-07-17 20:31 otherfile
What does the output of ls -l
mean? The very first column, the one that looks like a bunch of mumbo jumbo, shows the file type and permissions. The second column shows the number of links (directory entries that refer to the file), the third one shows the owner of the file, and the fourth one shows the group the file belongs to. The other columns show the file's size in bytes, date and time of last modification, and the filename.
The first column, the one that shows the file's permissions and looks like mumbo jumbo, is organized into four separate groups, although it certainly doesn't look very organized.
The first group consists of only one character, and it shows the file's type. For example, d
means a directory and -
means a normal file, so if you take a look at our example output, you'll notice dir
is a directory, while file
and otherfile
are regular files.
The first character can be any of these:
d = directory
- = regular file
l = symbolic link
s = Unix domain socket
p = named pipe
c = character device file
b = block device file
The next nine characters show the file's permissions, divided into three groups, each consisting of three characters. The first group of three characters shows the read, write, and execute permissions for user, the owner of the file. The next group shows the read, write, and execute permissions for the group of the file. Similarly, the last group of three characters shows the permissions for other, everyone else. In each group, the first character means the read permission, the second one write permission, and the third one execute permission.
The characters are pretty easy to remember.
r = read permission
w = write permission
x = execute permission
- = no permission
What does this mean in practice? Let's have an example. Remember the imaginary directory listing we did at the beginning? The output looked like this:
drwxr-xr-x 3 nana writers 80 2005-09-20 21:37 dir
-rw-r----- 1 nana writers 8187 2005-09-19 13:35 file
-rwxr-xr-x 1 nana writers 10348 2005-07-17 20:31 otherfile
As we already noticed, dir
is a directory, because the first column begins with a d
. The owner of this directory is user nana
and the group owner is writers
. The first three characters, rwx
, indicate the directory's owner, nana
in this case, has full access to the directory. The user nana
is able to access, view, and modify the files in that directory. The next three characters, r-x
, indicate that all users belonging to group writers
have read and execute permissions to the directory. They can change into the directory, execute files, and view its contents. However, because they don't have write permissions, they can't make any changes to the directory content. Finally, the last three characters, r-x
, indicate that all the users who are not nana
or don't belong into group writers
, have read and execute permissions in the directory.
How about file
? Because the first column begins with a -
, the file is a regular file, owned by user nana
and group writers
, just like the directory in our example. The first three characters, rw-
, indicate the owner has read and write access to the file. According to the next three characters, r--
, the users belonging to group writers
can view the file but not modify or execute it. The final three characters, ---
, indicate no one else has any access to the file.
Similarly, you can see otherfile
is a regular file and its owner has full access to it, while everyone else can read and execute the file but not modify it.