I've been trying to understand Linux permissions. I know that I could download one file via CyberDuck from a remote Linux machine and the other one I was not able to. Here is the output of ls -l
:
-rw-r--r-- 1 root root 5360 Jul 26 17:31 coworking1.crt
-rw------- 1 root root 1704 Jul 26 17:31 coworking1.key
Please tell me:
- How can I read the line
-rw-r--r-- 1 root root
? - Besides permissions duplication via
chmod --reference:file1 file2
, how could I set the permissions ofcoworking1.key
to be the same ascoworking1.crt
via a bash command?
Answer
In the line -rw-r--r-- 1 root root
, the first dash character indicates a file without any special permissions on it. The next 3 characters "rw-" indicate that the owner of the file can read and write to the file, but the file is not executable. I.e., it isn't a program that you could run. If it was also executable, you would see "rwx" rather than "rw-".
The next 3 characters, "r--" indicate that any other accounts in the group for this file, which is "root", only have read access; since there are dashes where the "w" and "x" could appear, that indicates those permissions aren't granted to the file for the group. The following "r--" indicates that "others", i.e., accounts that aren't the owner and which aren't in the group that has access to this file have only read access. When you see "root root", The first "root" is the account that owns the file. The second "root" shows the group that applies to the file. The group doesn't necessarily have to be the same as the owner; they could be different. E.g., there could be a group named "test" that has root and the account jdoe in it. But in this case, the root account is likely the only account in the root group. You can see the groups on the system by issuing the command cat /etc/group
You could set the permissions for coworking1.key to be the same as coworking1.crt with chmod 644 coworking1.key
or chmod g+r,o+r coworking1.key
. In the latter example you are adding read access for the group and read access for others.
For references, see Understanding Linux File Permissions and Linux Tutorial - 8. Permissions, which will explain why chmod 644 coworking1.key
also works. But, basically you can think of the 3 positions in each grouping having a numeric value of 4 for the first position, 2 for the second position and 1 for the third position. So, if the permission is "rw-", you would have a total of 6. If it is "r--" you have a value of 4. If it was "rwx", you would have a total of 7. Those numbers apply to each grouping. So using 644 means that you have 6 for the owner (rw-), 4 for the group (r--) and 4 for all other accounts on the system (r--). But you can always use the chmod g+r,o+r coworking1.key
format and not worry about how to set permissions numerically. For that format, using a plus sign adds the permission and using a minus sign removes the permission.
No comments:
Post a Comment