We will now continue with the Linux command line basics. For those of you who have just visited this site, the first part of Linux command line basics can be found here.
In this post we will go through the standard Linux directory structure and then explain some concepts about Linux file permissions, so that you will be in a better position to understand the user/group management commands and the commands used to set file permissions in Linux.
Linux directory structure:
The Linux directory structure is like a tree. Standard Linux directory structure generally contains the following directories-
1. / – This is the highest level directory in the tree. It is called ‘root’ and all other folders and devices are its subdirectories. In Linux, everything is represented as a file or a folder (even hardware devices!). Since you can set permissions on files and folders, you can secure access to these files and folders. This is the reason why Linux is secure by design.
2. /bin – This directory contains essential binary applications required by the system to operate.
3. /usr/bin – This directory contains the binary applications for the system’s users.
4. /sbin – This directory contains the binary applications required for system administration by a super user. This folder contains critical binary applications that the system must use even before other directories are mounted.
5. /usr/sbin – This directory contains the binary applications required for system administration by a super user but the applications are available only after booting is completed.
6. /boot – This is the directory where Linux kernel and boot loader files are kept.
7. /dev – This directory contains all the hardware devices available to the system, represented as files. The system can read from these files, write to them, or both, depending on the type of device.
8. /etc – This directory contains the configuration files for the OS, applications and the startup scripts.
9. /home – This is the directory which contains the users’ home directories. In general, a normal user cannot write or make changes to the directories outside his home directory. This reduces the chances of a user accidentally messing up the system. Only the root user (administrator) or super users can write or make changes anywhere in the Linux directory structure.
10. /lib – This directory contains the shared libraries required for proper functioning of the system.
11. /lost+found – This directory contains the lost and found files from the root directory.
12. /mnt – This directory is the mount point for the mounted file systems in your computer.
13. /media – This directory is the mount point for the file systems of the removable devices.
14. /opt – This directory is a place for the optional applications that can be installed.
15. /proc – This is a virtual directory that contains entries corresponding to the processes and threads running in the system.
16. /srv – This directory acts as a temporary location for the data to be used by the servers.
17. /sys – This directory contains system-specific information to be used as a reference for other applications.
18. /tmp – This directory is used for temporary storage of files.
19. /usr – This directory contains files/folders that support applications that are available to all the users.
20. /var – This directory contains files that change while the system is running.
File / Folder permissions in Linux:
In Linux, there are 3 types of file permissions–
r (read) – Allows user to view the file – numerical value = 4
w (write) – Allows user to edit the file – numerical value = 2
x (execute) – Allows user to run the file as an executable – numerical value = 1
While listing a directory in long format via the ls -l command, you will notice that the first column has the following format-
This column represents the file / folder permissions. Let us see how-
- r w x r w x r w x
The first character from the left shows whether the listed entry is a file (represented by ‘-’), a directory (represented by ‘d’) or a link (represented by ‘l’).
- r w x r w x r w x
The first group of three characters after the type character represents the permissions provided to the owner of the file. Presence of a character (r, w or x) means that the permission for that action (read, write or execute) is granted. Presence of a ‘-’ instead of the character means that the permission for that action (read, write or execute) is denied.
In the above case the owner has permission to read, write and execute the file. Note that r+w+x = 4+2+1 = 7.
- r w x r w x r w x
The second group of three characters represents the permissions provided to the members of the owner’s group for the file. In the above case the group members have permission to read, write and execute the file. Note that r+w+x = 4+2+1 = 7.
- r w x r w x r w x
The third group of three characters represents the permissions provided to all the other users for the file. In the above case the other users have permission to read, write and execute the file. Note that r+w+x = 4+2+1 = 7.
The numerical value of the above permission is represented as 777.
Here are a few examples of the file permissions-
rwx------ : (4+2+1, 0+0+0, 0+0+0 = 700) Owner can read, write and execute the file. Group users and other users do not have any permissions for the file.
rw-rw-rw- : (4+2+0, 4+2+0, 4+2+0 = 666) All users can read and write to the file.
rw-r--r-- : (4+2+0, 4+0+0, 4+0+0 = 644) Owner can read and write to the file. Group users and others can only read the file.
The directory permissions are calculated in similar manner with just the following differences-
r (read) – Allows user to list the files in the directory – numerical value = 4
w (write) – Allows user to create new files and delete the files in the directory – numerical value = 2
x (execute) – Allows user to change to the directory via cd command – numerical value = 1
Here are a few examples of directory permissions-
rwxrwxrwx : (4+2+1, 4+2+1, 4+2+1 = 777) Allows owner, group members and others to list files in directory, create files in directory, delete files from the directory and to change to the directory.
rwxr-xr-x : (4+2+1, 4+0+1, 4+0+1 = 755) Allows owner to list files in directory, create files in directory, delete files from the directory and to change to the directory. Group members and others can change to the directory and list the files only.
rwx------ : (4+2+1, 0+0+0, 0+0+0 = 700) Allows owner to list files in directory, create files in directory, delete files from the directory and to change to the directory. Group members and others do not have any permission on the directory. Makes the directory private to the owner 😉
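The calculation used in the file and directory examples above, written out as a shell script. This is an added example, not part of the original post: it converts the first column of ls -l into its numerical value and then lists entries whose "others" digit includes write (2). The function names and the sample tree are made up for illustration.

```shell
#!/bin/sh
# triplet_value "rw-" prints 6 (r = 4, w = 2, x = 1, '-' = 0).
triplet_value() {
    t=$1 v=0
    case $t in r??) v=$((v + 4)) ;; esac
    case $t in ?w?) v=$((v + 2)) ;; esac
    case $t in ??x) v=$((v + 1)) ;; esac
    echo "$v"
}

# mode_to_octal "-rw-r--r--" prints 644.
# Input is the type character (-, d or l) followed by the nine permission
# characters. Other letters (such as s or t) are not covered here and are
# rejected as invalid.
mode_to_octal() {
    m=$1
    case $m in
        [-dl][r-][w-][x-][r-][w-][x-][r-][w-][x-]) ;;
        *) echo "invalid mode string: $m" >&2; return 1 ;;
    esac
    perms=${m#?}             # drop the type character
    owner=${perms%??????}    # first group of three
    rest=${perms#???}
    group=${rest%???}        # second group of three
    other=${rest#???}        # third group of three
    echo "$(triplet_value "$owner")$(triplet_value "$group")$(triplet_value "$other")"
}

# list_world_writable DIR prints entries under DIR that others can write to.
# Links are skipped because they always show as rwxrwxrwx.
list_world_writable() {
    find "$1" ! -type l -perm -002 -print
}

# make_sample builds a constructed sample tree and prints its path.
make_sample() {
    d=$(mktemp -d) || return 1
    touch "$d/notes.txt" "$d/shared.txt"
    mkdir "$d/private"
    chmod 644 "$d/notes.txt"; chmod 666 "$d/shared.txt"; chmod 700 "$d/private"
    echo "$d"
}

for m in -rwxrwxrwx -rwx------ -rw-rw-rw- -rw-r--r-- drwxr-xr-x; do
    printf '%s = %s\n' "$m" "$(mode_to_octal "$m")"
done
sample=$(make_sample)
list_world_writable "$sample"    # only shared.txt (666) is reported
rm -rf "$sample"
```
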
That’s it for today. In the next part we will learn user/group management and changing file/folder permissions via the command line.