Master Linux Shell and Permissions: From Basics to Advanced Control

What Is a Shell?

Linux is fundamentally an operating system kernel, and users interact with it through a command‑line interpreter called a shell . The shell translates user commands into kernel actions and returns the results.

Note: "shell" is a generic term; bash is a specific implementation.

Shell vs. GUI

Just as Windows users operate the system via a graphical interface rather than the kernel directly, Linux users use a shell to issue commands that the kernel processes.

Linux Users and Permissions

Linux defines two main user types:

Superuser ( root) – unrestricted access, prompt #.

Regular user – limited access, prompt $.

Switching Users

Use su [username] to change users. Examples:

su user      # switch from root to a normal user

su -        # become root (enter root password)

exit        # return to the previous user (or Ctrl+D)

File Permission Basics

Permissions are expressed as r (read), w (write), and x (execute) for three categories:

Owner (u)

Group (g)

Others (o)

File type indicators (shown by ls -l) include: d – directory - – regular file l – symbolic link b – block device p – pipe c – character device s – socket

Permission Representation

Symbolic form uses letters (e.g., rwxr-x---). Octal form combines bits: read=4, write=2, execute=1. Examples: 7 = read+write+execute (4+2+1) 5 = read+execute (4+1) 0 = no permission

Changing Permissions with chmod

Syntax:

chmod [options] mode file

-R

– recursive

Symbolic mode examples:

$ chmod 777 text.c

$ chmod 000 text.c

$ chmod 640 text.c

Symbolic operators: + – add permission - – remove permission = – set exact permission

User symbols: u – owner g – group o – others a – all

chmod can modify owner, group, and others simultaneously; separate entries with commas.

Changing Ownership with chown

Syntax:

chown [options] user[:group] file

$ sudo chown root test.c

$ sudo chown lighthouse:test.c

$ sudo chown lighthouse:lighthouse test.c

Changing Group with chgrp

Syntax:

chgrp [options] group file

$ sudo chgrp root text.c

$ sudo chgrp lighthouse text.c

Umask and Default Permissions

umask

defines which permission bits are masked out when new files or directories are created.

Default file permission = 0666

Default directory permission = 0777

Effective permission = requested permission & ~umask.

Superuser default umask is 0022 ; regular users default to 0002 .

Identifying File Types with file

Usage:

file [options] file_or_directory…

-c

– show detailed processing -z – attempt to read compressed files

Directory Permissions

To access a directory you need:

Read – list contents

Write – create or delete entries

Execute – enter (cd) the directory

Sticky Bit

The sticky bit prevents users who have write permission on a directory from deleting or renaming files they do not own.

Set it with:

chmod +t directory_name

Only the file owner and root can delete files in a sticky‑bit directory.

Common use case: shared temporary directory /tmp where everyone can write but only owners can delete their files.

Summary

Execute permission on a directory allows entering it; read permission allows listing its contents.

Without execute, you cannot cd into a directory even if you can read it.

Without read, you can enter a directory but cannot list its files.

The sticky bit adds an extra safeguard for shared writable directories.