Master Linux Permissions: su, sudo, chmod, chown, and Sticky Bit Explained

Introduction

Linux is an operating system with a kernel at its core. Users interact with the kernel through a shell, which translates human‑readable commands into kernel actions and returns the results.

Shell as a Command Interpreter

The shell’s simplest definition is a command interpreter that (1) translates commands and passes them to the kernel for execution and (2) translates the kernel’s results back to the user.

User Accounts and Switching

Linux has two main account types: the root account with unrestricted privileges and regular accounts with limited rights.

su Command

Use su <username> to switch to another account. Example:

hyc@host:/$ whoami
hyc
# Switch to root
hyc@host:/$ su
Password: ********
root@host:/# whoami
root

Adding a dash ( su -) also changes the working directory to the target user’s home.

sudo Command

If a regular user needs root privileges without knowing the root password, prepend sudo to the command. The user must be granted sudo rights by the root account; otherwise the following error appears:

hyc@host:~$ sudo ls
[sudo] password for hyc: 
hyc is not in the sudoers file. This incident will be reported.

Permission Basics

Permissions control what actions a user can perform on files or directories. They consist of three attributes:

r – read (files) or list (directories)

w – write (modify files) or delete/create entries (directories)

x – execute (files) or enter (directories)

Each file has three sets of these bits: owner, group, and others.

Symbolic Representation

Example output:

-rw-r--r-- 1 root root 22902 May 18 11:51 new.txt

Owner permissions are rw-, group permissions r--, and others r--.

Octal Representation

Each permission set maps to an octal digit (r=4, w=2, x=1). For instance, rw-r--r-- equals 644.

Changing Permissions with chmod

Syntax:

chmod [options] [who][+|-][perm] file

u

– owner g – group o – others a – all -R – recursive

Examples:

# Remove write permission from owner
chmod u-w new.txt
# Add write permission to group
chmod g+w new.txt
# Set exact octal mode
chmod 664 new.txt

Changing Ownership with chown and chgrp

Only root (or a user with sudo) can change a file’s owner or group.

# Change owner to hyc
sudo chown hyc new.txt
# Change group to hyc
sudo chgrp hyc new.txt

Default Permissions and umask

When a file or directory is created, the system applies a default mode (666 for files, 777 for directories) and then masks out bits defined by the user’s umask. The effective permissions are calculated as: effective = default & ~umask Typical values: root’s umask is 022, regular users’ umask is 002.

Sticky Bit for Shared Directories

In a shared directory, the sticky bit ( t) ensures that only the file’s owner, the directory’s owner, or root can delete or rename files, preventing other users from removing each other’s work.

# Enable sticky bit on a directory
chmod +t /tmp

The /tmp directory on most systems already has this bit set (permissions like drwxrwxrwt).

Summary of Key Commands

whoami

– display current user su, su - – switch user sudo – execute a command with root privileges chmod – modify file/directory permissions chown, chgrp – change owner or group umask – view or set default permission mask chmod +t – set sticky bit on a directory