Master Linux Users, Groups, and File Permissions: A Complete Guide

Users and Groups

Linux is a multi‑user system. Every file belongs to three categories: owner (the user who created the file), group (a collection of users that share access), and others (all remaining users). The superuser root has unrestricted access to all files and directories.

Owner – primary control over the file.

Group – users that can share permissions on the file.

Others – users not in the owner or group categories.

Linux File Permissions

Switch to the root account with su - and list files with ls -al. The first column shows a ten‑character permission string; the first character indicates the file type ( d directory, - regular file, l symbolic link, b block device, c character device, s socket, p FIFO). The next nine characters are three groups of rwx for owner, group, and others. A dash ( -) means the corresponding permission is absent.

During learning you may use root because commands like chgrp and chown require root privileges, but in production it is strongly recommended to avoid operating as root. Use exit to leave the root shell.

The third column of ls -l shows the file's owner, the fourth column the owning group, the fifth column the size in bytes, and the sixth column the modification timestamp. Use ls -l --full-time for a complete date‑time format. The link‑count column indicates how many directory entries point to the same i‑node.

Each file also has an i‑node that stores metadata such as owner, permissions, timestamps, and block locations.

Changing Ownership and Permissions

chgrp

– change the group ownership (the target group must exist in /etc/group). chown – change the file owner (the user must exist in /etc/passwd) and optionally the group. chmod – change the permission bits, either numerically or symbolically.

Numeric mode

Permissions are represented by three octal digits: read = 4, write = 2, execute = 1. The digits are summed for each class (owner, group, others). Example:

chmod 750 filename   # owner rwx (7), group r-x (5), others --- (0)

Setting chmod 777 grants all permissions to everyone and is insecure.

Symbolic mode

Use u, g, o, or a to refer to owner, group, others, or all. The operators =, +, and - assign, add, or remove permissions respectively.

chmod u=rwx,go=rx filename   # owner rwx, group and others r-x

chmod a+w filename            # add write permission for everyone

chmod a-w filename            # remove write permission for everyone

These operators allow precise control without affecting unspecified bits.

Directory Permissions

Directories also have r, w, and x bits: r – list the directory contents. w – create, delete, rename, or move entries within the directory. x – enter the directory with cd.

File Types

Regular file – shown as - in the first column.

Directory – shown as d.

Symbolic link – shown as l.

Block device – shown as b (e.g., hard disks, USB drives).

Character device – shown as c (e.g., keyboards, mice).

Socket – shown as s, used for inter‑process communication.

FIFO (named pipe) – shown as p, used for pipeline communication.

Understanding these types helps interpret the first character of the permission string and decide appropriate access controls.