Master Linux Shell, Users, and Permissions: A Complete Guide

Shell and Its Working Principle

A shell is a command‑line interpreter that translates user commands into kernel requests and returns the kernel’s responses. bash is one concrete implementation (default on CentOS 7).

Linux User Categories and Prompt Symbols

Root (superuser) : unrestricted access to all resources.

Regular user : limited to operations permitted by the system.

Prompt symbols: # for root, $ for regular users.

File Permission Model

Permissions control read ( r), write ( w) and execute ( x) access for three classes:

Owner (u) : the file’s creator.

Group (g) : users belonging to the same group.

Other (o) : everyone else.

Each class can have any combination of rwx. Permissions can be expressed symbolically (e.g., rwxr-x--x) or as an octal number (e.g., 751).

Symbolic → Octal Mapping

r

= 4 (binary 100) w = 2 (binary 010) x = 1 (binary 001) rw = 6 (binary 110) rx = 5 (binary 101) wx = 3 (binary 011) rwx = 7 (binary 111) --- = 0 (binary 000)

Changing Permissions with chmod

$ chmod 777 file.c   # rwx for owner, group, other
$ chmod 000 file.c   # no permissions for anyone
$ chmod 640 file.c   # rw- for owner, r-- for group, --- for other

General syntax:

chmod [options] mode file

-R

: apply changes recursively to directories.

Only the file’s owner or root can modify its permission bits.

Modifying Ownership with chown and chgrp

# Change owner to root
$ sudo chown root file.c
# Change owner to user "lighthouse"
$ sudo chown lighthouse file.c
# Change both owner and group
$ sudo chown lighthouse:lighthouse file.c
# Change only the group
$ sudo chown :lighthouse file.c

Change group with chgrp:

$ sudo chgrp root file.c
$ sudo chgrp lighthouse file.c

File Creation Mask ( umask )

umask

defines which permission bits are cleared when a new file or directory is created. Effective permissions = default permission & ~umask.

# Typical values
$ umask 022   # results in 0755 for directories, 0644 for files
$ umask 002   # results in 0775 for directories, 0664 for files

Identifying File Types with file

$ file [options] filename

-c

: show detailed processing steps. -z: attempt to read compressed files.

Directory Permissions and the Sticky Bit

Access to a directory requires three distinct bits:

Read (r) : list the directory’s contents.

Write (w) : create, rename or delete entries.

Execute (x) : enter the directory (required for cd).

The sticky bit ( chmod +t DIR) restricts deletion/renaming of files inside a world‑writable directory so that only the file’s owner or root can remove them. It is commonly set on /tmp.

Key Commands Summary

chmod [options] mode file

– set access bits; use symbolic ( u+r) or octal ( 755) notation. chown [options] user[:group] file – change file owner and optionally group. chgrp [options] group file – change group ownership. umask [value] – view or set the creation mask. file [options] name – identify file type.

Practical Examples

Make a script executable for everyone: $ chmod a+x script.sh Recursively grant read permission to a directory tree: $ chmod -R a+r /opt/project Set the sticky bit on a shared temporary directory: $ chmod 1777 /var/shared_tmp Resulting mode 1 (sticky) + 777 (full rwx for all).