How To Check Permissions Of A File In Linux : File Ownership And Permission Display

by

To see who can read, write, or run a file in Linux, you use the `ls -l` command. This article shows you exactly how to check permissions of a file in linux using simple commands and real examples. You’ll learn to read permission strings, change access, and troubleshoot common issues fast.

Linux file permissions control who can view, modify, or execute files. Understanding them is essential for security and system administration. Let’s break down the process step by step.

How To Check Permissions Of A File In Linux

The most common way to check file permissions is with the `ls -l` command. Open your terminal and type:

ls -l filename

Replace “filename” with the actual file name. The output shows a string like `-rwxr-xr–`. This string tells you everything about who can do what.

Understanding The Permission String

The permission string has 10 characters. The first character indicates the file type. A dash `-` means a regular file. A `d` means a directory. An `l` means a symbolic link.

The next nine characters are split into three groups of three. Each group represents permissions for the owner, the group, and others (everyone else).

  • Owner (first three after type): The user who owns the file.
  • Group (next three): Users in the file’s group.
  • Others (last three): All other users on the system.

Each group uses three letters: `r` for read, `w` for write, and `x` for execute. A dash means that permission is not granted.

For example, `-rwxr-xr–` means:

  • Owner can read, write, and execute.
  • Group can read and execute.
  • Others can only read.

Using `Ls -L` On Multiple Files

To check permissions for all files in a directory, use:

ls -l

This lists every file and folder with its permissions, owner, group, size, and modification date. You can also check a specific directory:

ls -l /path/to/directory

Checking Permissions With `Stat` Command

The `stat` command gives more detailed information. Type:

stat filename

It shows the permission string in octal format (like `755`) and in symbolic format. It also displays the file’s inode number, access time, and more.

For a quick octal view, use:

stat -c "%a %n" filename

This prints the numeric permissions and the file name.

Using `Namei` To Check Path Permissions

Sometimes you need to check permissions for every directory in a file’s path. The `namei` command does this:

namei -l /path/to/file

It lists each component of the path with its permissions. This helps find where access is blocked.

Checking Permissions For Directories

Directory permissions work slightly differently. Read (`r`) lets you list contents. Write (`w`) lets you create or delete files inside. Execute (`x`) lets you enter the directory.

To check a directory’s permissions, use:

ls -ld directoryname

The `-d` flag shows the directory itself, not its contents.

Reading Numeric (Octal) Permissions

Numeric permissions are a shorthand. Each permission has a number:

  • Read = 4
  • Write = 2
  • Execute = 1

Add them up for each group. For example, `rwx` = 4+2+1 = 7. `r-x` = 4+0+1 = 5. `r–` = 4+0+0 = 4.

So `755` means owner has 7 (rwx), group has 5 (r-x), and others have 5 (r-x). You can see numeric permissions with:

stat -c "%a" filename

Common Permission Combinations

  • 644: Owner can read/write, group and others can read. Common for regular files.
  • 755: Owner can read/write/execute, group and others can read/execute. Common for scripts and directories.
  • 700: Only owner can read/write/execute. Used for private files.
  • 600: Only owner can read/write. Used for sensitive data like SSH keys.

Changing File Permissions With `Chmod`

To modify permissions, use the `chmod` command. You can use symbolic or numeric modes.

Symbolic Mode Examples

Add execute permission for the owner:

chmod u+x filename

Remove write permission for the group:

chmod g-w filename

Set read and execute for everyone:

chmod a+rx filename

Numeric Mode Examples

Set permissions to 755:

chmod 755 filename

Set permissions to 644:

chmod 644 filename

Checking Ownership With `Ls -L` And `Chown`

The `ls -l` output also shows the file’s owner and group. The third column is the owner, the fourth is the group.

To change ownership, use `chown`:

sudo chown newowner filename

To change the group:

sudo chown :newgroup filename

To change both:

sudo chown newowner:newgroup filename

Special Permissions: SUID, SGID, And Sticky Bit

Linux has three special permissions that affect how files and directories behave.

SUID (Set User ID)

When set on an executable file, it runs with the owner’s privileges, not the user who runs it. You see an `s` in the owner’s execute position (e.g., `-rwsr-xr-x`).

Set it with:

chmod u+s filename

SGID (Set Group ID)

For files, it runs with the group’s privileges. For directories, new files inherit the directory’s group. You see an `s` in the group’s execute position (e.g., `-rwxr-sr-x`).

Set it with:

chmod g+s directoryname

Sticky Bit

Commonly used on directories like `/tmp`. Only the file owner, directory owner, or root can delete files. You see a `t` in the others’ execute position (e.g., `drwxrwxrwt`).

Set it with:

chmod +t directoryname

Using `Find` To Check Permissions

The `find` command can search for files with specific permissions. For example, to find files with permissions 777:

find /path -type f -perm 0777

To find files where others have write permission:

find /path -type f -perm -o=w

This is useful for security audits.

Checking Permissions With Graphical Tools

If you prefer a GUI, most file managers show permissions. Right-click a file, select “Properties,” and go to the “Permissions” tab. You can see and change owner, group, and permissions there.

However, the terminal is faster for bulk operations and scripting.

Common Mistakes And Troubleshooting

Here are frequent issues and how to fix them.

Permission Denied Errors

If you get “Permission denied,” check the file’s permissions and ownership. Use `ls -l` to see who owns it. If you need access, use `sudo` or ask the owner to change permissions.

Cannot Execute A Script

If a script won’t run, it likely lacks execute permission. Add it with:

chmod +x script.sh

Cannot Write To A Directory

You need write permission on the directory itself, not just the files inside. Check with `ls -ld`.

Incorrect Octal Values

Remember that numeric permissions are calculated per group. A common mistake is using `777` for everything, which is insecure. Use minimal permissions needed.

Practical Examples

Let’s walk through real-world scenarios.

Example 1: Checking A Configuration File

You want to check permissions for `/etc/ssh/sshd_config`. Run:

ls -l /etc/ssh/sshd_config

Output might be `-rw——-`. This means only the owner (root) can read and write. That’s secure.

Example 2: Checking A Script

You have a script `backup.sh`. Check it:

ls -l backup.sh

If it shows `-rw-r–r–`, it’s not executable. Add execute:

chmod +x backup.sh

Example 3: Checking A Shared Directory

You want a directory where everyone can read and write but only owners can delete. Set sticky bit:

chmod 1777 shared_directory

Check with `ls -ld` to see `drwxrwxrwt`.

Using `Getfacl` And `Setfacl` For Advanced Permissions

Linux also supports Access Control Lists (ACLs) for finer control. To see ACLs:

getfacl filename

To set an ACL for a specific user:

setfacl -m u:username:rwx filename

This gives that user specific permissions without changing the base permissions.

Automating Permission Checks With Scripts

You can write a simple script to check permissions for multiple files. For example:

#!/bin/bash
for file in /path/to/files/*; do
    echo "Checking $file"
    ls -l "$file"
done

Save it, make it executable, and run it.

Security Best Practices

Always follow the principle of least privilege. Give only the permissions needed.

  • Use 644 for most files.
  • Use 755 for directories and scripts.
  • Never use 777 on production systems.
  • Regularly audit permissions with `find`.
  • Use ACLs for complex scenarios.

Frequently Asked Questions

How do I check permissions of a file in Linux using a single command?

Use `ls -l filename` to see the permission string, owner, and group in one line.

What does `chmod 755` mean?

It sets owner to read/write/execute (7), group to read/execute (5), and others to read/execute (5).

How can I see permissions for all files in a folder?

Run `ls -l` inside the folder, or use `ls -l /path/to/folder`.

Why do I get “Permission denied” even with correct permissions?

Check the entire path with `namei -l`. A parent directory might lack execute permission.

What is the difference between `chmod` and `chown`?

`chmod` changes permissions (read/write/execute). `chown` changes ownership (user and group).

Conclusion

Checking file permissions in Linux is straightforward once you understand the permission string. Use `ls -l` for quick checks, `stat` for details, and `namei` for path issues. Remember to use numeric or symbolic modes with `chmod` to adjust access. Always apply the principle of least privilege for security. With these commands, you can manage any file’s permissions confidently.

Now you know how to check permissions of a file in linux. Practice on your own system to get comfortable. The more you use these commands, the more natural they become.