Brief Guide To Ubuntu Permissions

Anyone who uses Ubuntu will have used the Terminal. They would have seen a screen such as the one below:

Ubuntu Snapshot

But what do all those letters and words mean? This brief guide will help you out.

The first column contains the permissions. This dictates what you and other users are allowed to do to a particular directory or file.

The first letter is either d, l or -.

  • d – this means that it is a directory
  • l – means that is is a symbolic link to another directory
  • - – means it is neither of the above and probably a file.

The remaining 9 characters are separated into 3 blocks (I will come to this later), the blocks consist of 3 characters:

  • r – read privileges has been granted.
  • w – write privileges has been granted, this includes creating and deleting files.
  • x – the file can be executed.

The block is always appears in that order (rwx) and if any of those letters are instead a dash (-) then that particular privilege has not been granted e.g.

  • r-x means read privileges and execute privileges have been granted but not write
  • -w- means only write privileges have been given.

As I said before, there are 3 lots of these blocks.

  • First block is privileges given to the owner.
  • Second block is privileges given to the group.
  • Third block is privileges given to everyone else.

So putting that all together here is an example:

drwxr-xr–

  • So the d tells us that it is the directory.
  • The first block of 3 is the privileges for the owner and it is rwx, which means the owner can read, write and execute the directory.
  • The second block of 3 is for the group that owns it and is r-x, which means the members of the group can read and execute the directory but not write.
  • The third and final group is r– and this tells us that all other users can read only.

A word about the owner and the group. On the screen above you can see the words “root root” in each row. The first “root” is the user that owns the directory and the second “root” is the group that owns the directory. This is how you can work out who has permissions to do what.

So if it was “dandreaa administrators” it would mean that the owner, dandreaa, would have the privileges of the first block of 3 and the other users who belongs to the group, administrators, would have the permissions of the second block of 3. That means in the above example, dandreaa would be able to read, write and execute, whilst everyone else who was a member of the administrator group, would be able to read and execute only.

Note that the user has to be a member of the group that owns it.

I hope this all makes sense! Let me know if you need clarification!


© 2012-2017