Master Linux File Permissions: Owner, Group, and Mode Explained

Introduction

Linux is a multi‑user, multitasking operating system, which means many users can work on the same system simultaneously. To protect each user's privacy and work environment, every file or directory has three identities—owner, group, and others—each with three possible permissions: readable, writable, and executable.

Document Attributes

You can view all attributes of a file or directory with ls -al --full-time (or its short form ll). The output consists of seven columns:

File type and permission bits (first character indicates type: d for directory, - for regular file, l for symbolic link, etc.; the next nine characters represent rwx permissions for owner, group, and others).

Link count.

Owner name.

Group name.

File size in bytes.

Last modification timestamp (not creation time).

File name (names starting with a dot are hidden).

Changing Owner (chown)

Location

The owner information is stored in /etc/passwd. Only an existing account listed in this file can be set as the new owner.

Syntax

chown [-R] [user] [file|directory]

chown [-R] [user]:[group] [file|directory]

Note: This command can also change the group, but using chgrp is recommended for group changes.

Options

-R

– apply changes recursively to all files and sub‑directories.

Examples

chown daemon test

– change the owner of test to daemon. chown daemon:root test – change the group of test to root. chown root.users test – set owner to root and group to users. chown .root test – change only the group to root (using a dot).

Although a dot can separate owner and group, using a colon ( : ) avoids ambiguity when usernames contain dots.

Changing Group (chgrp)

Location

Group definitions are listed in /etc/group.

Syntax

chgrp [-options] [group] [file|directory]

Use man chgrp , info chgrp , or chgrp --help for detailed options.

Example

chgrp -R users test

– recursively change the group of test and all its contents to users.

If the specified group does not exist, the command fails with “invalid group”.

Changing Permissions (chmod)

Linux permissions consist of three bits (read, write, execute) for each of the three identities, yielding nine basic permission slots. Permissions can be modified using symbolic or numeric methods.

Symbolic Method

Use u, g, o for owner, group, others, and a for all. Permissions are r, w, x. Operators are + (add), - (remove), and = (set).

Syntax

chmod [ugoa][+-=][rwx] [path]

Set Permissions (=)

Make a directory readable, writable, and executable for everyone:

chmod u=rwx,g=rwx,o=rwx test</code>
<code>chmod ugo=rwx test</code>
<code>chmod a=rwx test

Remove Permissions (-)

Remove execute permission from a directory:

chmod u-x,g-x,o-x test</code>
<code>chmod ugo-x test</code>
<code>chmod a-x test

Execute permission on a directory allows users to cd into it.

Add Permissions (+)

Add execute permission to a directory:

chmod u+x,g+x,o+x test</code>
<code>chmod ugo+x test</code>
<code>chmod a+x test

For a script test.sh , chmod a+x test.sh makes it executable.

Numeric Method

Permissions are represented by numbers: read=4, write=2, execute=1. Sum the values for each identity.

Examples:

chmod 777 test   # rwx for owner, group, others</code>
<code>chmod 666 test   # rw- for all</code>
<code>chmod 755 test   # rwx for owner, r-x for group and others

The numeric method is often simpler.

File vs. Directory Permission Differences

Files

Permissions affect the file's content:

readable – can read the file's data.

writable – can modify or append to the file.

executable – can be run as a program.

Having write permission does not allow deletion; deletion is controlled by the directory's permissions.

Directories

Permissions affect the directory entries:

readable – can list the directory contents (e.g., ls).

writable – can create, rename, move, or delete entries within the directory.

executable – can enter the directory ( cd).

To let anyone browse a directory, at least r or x must be set; to read files inside, the directory needs x and the file needs r .

Summary

Each Linux file or directory can grant read, write, and execute permissions to three identities (owner, group, others). Use chown to change the owner, chgrp to change the group, and chmod (symbolic or numeric) to modify access rights. Proper permission management is essential for data security.