Setting File Permissions in Linux

I hope you have understand file ownership and permissions from my previous post Understanding File Permissions Linux. In this post you will learn how to set file permissions in linux.

Setting File Permissions in Linux – Symbolic mode:

You can set file permissions with the chmod command. Both the root user and the file’s owner can set file permissions. chmod has two modes, symbolic and numeric.

Linux File Permissions
Linux File Permissions

The symbolic mode is pretty easy to remember. First, you decide if you set permissions for the user (u), the group (g), others (o), or all of the three (a). Then, you either add a permission (+), remove it (-), or wipe out the previous permissions and add a new one (=). Next, you decide if you set the read permission (r), write permission (w), or execute permission (x). Last, you’ll tell chmod which file’s permissions you want to change.

Let’s have a couple of examples. Suppose we have a regular file called testfile, and the file has full access permissions for all the groups (long directory listing would show-rwxrwxrwx as the file’s permissions).

Wipe out all the permissions but add read permission for everybody:
$ chmod a=r testfile
After the command, the file’s permissions would be -r--r--r--

Add execute permissions for group:
$ chmod g+x testfile
Now, the file’s permissions would be -r--r-xr--

Add both write and execute permissions for the file’s owner. Note how you can set more than one permission at the same time:
$ chmod u+wx testfile
After this, the file permissions will be -rwxr-xr--

Remove the execute permission from both the file’s owner and group. Note, again, how you can set them both at once:
$ chmod ug-x testfile
Now, the permissions are -rw-r--r--

As a summary, have a look at this quick reference for setting file permissions in symbolic mode:

Which user?
u user/owner
g group
o other
a all
What to do?
+ add this permission
remove this permission
= set exactly this permission
Which permissions?
r read
w write
x execute

Setting File Permissions in Linux – Numeric mode:

The other mode in which chmod can be used is the numeric mode. In the numeric mode, the file permissions aren’t represented by characters. Instead, they are represented by a three-digit octal number.

4 = read (r)
2 = write (w)
1 = execute (x)
0 = no permission (-)

To get the permission bits you want, you add up the numbers accordingly. For example, the rwx permissions would be 4+2+1=7, rx would be 4+1=5, and rw would be 4+2=6. Because you set separate permissions for the owner, group, and others, you’ll need a three-digit number representing the permissions of all these groups.

Let’s have an example.
$ chmod 755 testfile
This would change the testfile‘s permissions to -rwxr-xr-x. The owner would have full read, write, and execute permissions (7=4+2+1), the group would have read and execute permissions (5=4+1), and the world would have the read and execute permissions as well.

Let’s have another example:
$ chmod 640 testfile
In this case, testfile‘s permissions would be -rw-r-----. The owner would have read and write permissions (6=4+2), the group would have read permissions only (4), and the others wouldn’t have any access permissions (0).

The numeric mode may not be as straightforward as the symbolic mode, but with the numeric mode, you can more quickly and efficiently set the file permissions. This quick reference for setting file permissions in numeric mode might help:

Which number?
0
1 –x
2 -w-
3 -wx
4 r–
5 r-x
6 rw-
7 rwx

This content is copied from http://www.tuxfiles.org/linuxhelp/filepermissions.html

Understanding File Permissions Linux

Linux File Permissions

Why Strict file Permissions and Ownership:

Linux OS is designed for a multi-user environment. An environment where more than one users are access the same file system and other resources at the same time. In such an environment file permissions and ownership would be a problem if you don’t configure it properly.

For example, one user have created a file and someone else deleted it mistakenly or deliberately, then first user would lose all the data he has compiled. This can be handled if you configure user rights properly.

Second example, one user executed a process and that process is gonna take a long time to be completed. Meanwhile somebody else stopped it, then the first user would not happy about this. For such things user permissions should be configured properly.

Understanding file Ownership in linux:

Each file/directory in linux is own by a specific user and a group. Therefore, permissions are separately defined for User, Group and Others.

User: User name of who owns the file/directory. By default the user who creates the file/directory is owner of that.

Group: The usergroup that owns the file. All the users in this group would have same file permissions.

Group permissions are usable if multiple users in a group are using some common file/directory. You need to make sure that the file is owned by the right group you want to give permissions to.

Others: A user who is not the owner of the file/directory and he also is not in the owner group.

Some people call it ‘world’ permissions.

Understanding File permissions in linux:

There are three types of file permissions in linux Read, Write and Execute. These permissions are separately defined for User, Group and Others.

Read: On a regular file, the read permission bit means the file can be opened and read. On a directory, the read permission means you can list the contents of the directory.

Write: On a regular file, this means you can modify the file means you can write new data to the file. In the case of a directory, the write permission means you can add, remove, and rename files in the directory.

This means that if a file has the write permission bit, you are allowed to modify the file’s contents, but you’re allowed to rename or delete the file only if the permissions of the file’s directory allow you to do so.

Execute: In the case of a regular file, this means you can execute the file as a program or a shell script. On a directory, the execute permission (also called the “search bit”) allows you to access files in the directory and enter it, with the “cd” command, for example.

However, note that although the execute bit lets you enter the directory, you’re not allowed to list its contents, unless you also have the read permissions to that directory.

Viewing file permissions in Linux:

You can list down directory contents with “ls” command but to see permissions of contents you need to get long listing of a directory contents with “ls -l” or “ll” command.

Following are the views with different listing types.

haris@harisaltaf-vaio:~/Downloads$ ls
DBs.zip images.jpg pc2-9.1.6.rar Scraper dl
haris@harisaltaf-vaio:~/Downloads$
haris@harisaltaf-vaio:~/Downloads$
haris@harisaltaf-vaio:~/Downloads$
haris@harisaltaf-vaio:~/Downloads$ ls -l
total 2276
-rw-r--r-- 1 haris haris 19527 2011-12-02 18:09 DBs.zip
-rw-r--r-- 1 haris haris 4712 2011-12-20 14:19 images.jpg
-rw-r--r-- 1 haris haris 2295246 2011-12-23 21:41 pc2-9.1.6.rar
drwxr-xr-x 2 haris haris 4096 2011-12-09 18:16 Scraper dl
haris@harisaltaf-vaio:~/Downloads$
haris@harisaltaf-vaio:~/Downloads$
haris@harisaltaf-vaio:~/Downloads$
haris@harisaltaf-vaio:~/Downloads$ ll
total 2284
drwxr-xr-x 3 haris haris 4096 2011-12-23 21:43 ./
drwxr-xr-x 55 haris haris 4096 2011-12-31 14:16 ../
-rw-r--r-- 1 haris haris 19527 2011-12-02 18:09 DBs.zip
-rw-r--r-- 1 haris haris 4712 2011-12-20 14:19 images.jpg
-rw-r--r-- 1 haris haris 2295246 2011-12-23 21:41 pc2-9.1.6.rar
drwxr-xr-x 2 haris haris 4096 2011-12-09 18:16 Scraper dl/
haris@harisaltaf-vaio:~/Downloads$

What does the long listing output means. The first column, having values like drwxr-xr-x, shows file permissions. Second column having an integer value shows number of links to the file. Third column shows file owner. Fourth column shows owner group. Fifth column shows size of file in bytes. Sixth column shows file’s last modification date and time. Seventh column shows file name.

Linux File Permissions
Linux File Permissions

The first column which shows file permissions is organised into four parts. Four parts are divided as d rwx r-x r-x. The First part shows File Type. Second part shows Owner permissions. Third part shows Group permissions. Fourth part shows Other permissions.

File Types:

d = directory
 = regular file
l = symbolic link
b = block device file
p = named pipe
c = character device file
s = Unix domain socket

Permission character Meaning:

r = read permission
w = write permission
x = execute permission
 = no permission

To see hot to Set File Permissions in Linux see my next post.

Get Return Code of a Program within a Java Program

In previous post i wrote about shell scripts arguments having spaces. Now, in this post i am writing about how to get return code of a program within a java program.

Problem statement:

Get return code of a program while you execute that program from the java code. This program may be either a shell command/script or another java program.

Get Java Return Code POC:

The following java code snippets are written for this POC.

Program 1:

I have a simple java application which return the same integer as its return code which i pass it as an argument. Following i have shared that.

package com.harisaltaf;

public class ReturnCode {
public static void main(String[] args) {
System.out.println("Returning code=" + args[0]);
System.exit(Integer.parseInt(args[0]));
}
}

Program 2:

I have written another java application which executes this application and get its return code. Following is that piece of code.

package com.harisaltaf;

public class GetReturnCode {
public static void main(String[] args) {
// String[] command = { "./linux_shell_script.sh" };
String[] command = {
"sh",
"-c",
"cd /home/haris/workspace/get_java_return_code"
+ "&& java -cp java_return_code.jar com.harisaltaf.ReturnCode 5" };
ShellExecutor executor = new ShellExecutor();
try {
executor.execute(command);

System.out.println("Command Return Code= "
+ executor.getReturnCode());
System.out.println("Command Result= " + executor.getScriptResult());
System.out.println("Command Error= " + executor.getScriptError());

} catch (Exception e) {
System.out.println(e.getMessage());
}
}

You can see i have written two commands. In first command i am executing the program 1 from a shell script while in second command i am running that directly as a shell command.

Below is the shell script code. Don’t forget to change shell script file writes.

echo ""
echo "---------------------------------------------"

echo "---result of ls:"
cd /home/haris/workspace
ls

echo "---result of java program:"
cd /home/haris/workspace/get_java_return_code
java -cp java_return_code.jar com.harisaltaf.ReturnCode 5

echo "---result of ls again:"
ls
echo "---------------------------------------------"

Output:

Executing Shell Script:

When i run the program with the help of shell script, i get the following output.

Command Return Code= 0
Command Result=
---------------------------------------------
---result of ls:
get_java_return_code
java_return_code
---result of java program:
Returning code=5
---result of ls again:
bin
java_return_code.jar
linux_shell_script.sh
src
---------------------------------------------

Command Error= null

You see in the Java code you didn’t get the correct return code of program 1 in you 2nd java application. The actual code of the program 1 should be equal to 5 as we gave it as input but the returned code of the shell script is 0 as in output “Command Return Code= 0”. This is because when you run some commands from shell script then the return code returned is the return code of the complete shell script not of only the program you specified.

When executing as direct Shell Command:

When i run the program with java command executing directly from java application, i get the following output.

Command Return Code= 5
Command Result= Returning code=5

Command Error= null

You see i get the correct return code now.

Source code:

Download source code from here: get_java_return_code