UNIX is a multi-user environment. How does it maintain security inside of itself?
Every file has an owner and permissions.
There are three levels of ownership:
User
Group
Other
Three levels of permissions:
Read
Write
Execute
How is this useful? Well, imagine a lab! There are files that an entire lab should have access to. So put all users in a lab into a lab group; then sharing a file across the lab just means making the lab group the owner of the file. This is already what we do on Luria!
You can view the ownership and permissions of a file by running ls -l. Here's an example of the output of ls -l:
[asoberan@luria unixclass]$ ls -l
total 40
-rwxr-xr-x 1 asoberan ki-bcc 3845 Apr 28 21:48 arrayAnnot.txt
-rwxr-xr-x 2 asoberan ki-bcc 3134 Apr 28 22:11 arrayDat.txt
-rwxr-xr-x 2 asoberan ki-bcc 3134 Apr 28 22:11 arrayHard.txt
-rwxr-xr-x 1 asoberan ki-bcc 1634 Apr 28 21:48 arraylen.txt
lrwxrwxrwx 1 asoberan ki-bcc 12 Apr 28 22:13 arraySoft.txt -> arrayDat.txt
-rwxr-xr-x 1 asoberan ki-bcc 3128 Apr 28 21:48 beep.txt
-rw-r--r-- 1 asoberan ki-bcc 528 Apr 28 21:48 ex1.sh
-rw-r--r-- 1 asoberan ki-bcc 479 Apr 28 21:48 ex2.sh
-rw-r--r-- 1 asoberan ki-bcc 368 Apr 28 21:48 ex3.sh
-rwxr-xr-- 1 asoberan ki-bcc 340 Apr 28 21:48 test_1.fastq
-rwxr-xr-- 1 asoberan ki-bcc 340 Apr 28 21:48 test_2.fastq
Let's focus on the arrayDat.txt file.
-rwxr-xr-x 2 asoberan ki-bcc 3134 Apr 28 22:11 arrayDat.txt
asoberan ki-bcc describes the ownership of a file. In this case, the user asoberan and the group ki-bcc own the file.
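-rwxr-xr-x describes the permissions that the owners of the file have. The first character is the file type (- for a regular file, l for a symbolic link such as arraySoft.txt), and the nine characters after it are the permissions.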
The permissions can be broken down into three parts:
The user's permissions
-rwx
The user asoberan has read (r), write (w), and execute (x) permissions for this file.
The group's permissions
r-x
The group ki-bcc has read (r) and execute (x) permissions for this file.
Everyone else's permissions
r-x
Anyone who isn't asoberan or in the group ki-bcc has read (r) and execute (x) permissions for this file.
To check what group you are in, you can use the groups command:
[asoberan@luria unixclass]$ groups
ki-bcc
To change the owners of a file, you can use the following commands:
chown
This changes the user who owns a particular file or directory.
chgrp
This changes the group who owns a particular file or directory.
To change the permissions that the owners of a file have, you use the chmod command.
chmod takes two arguments: the permissions to give a file, and the file to change the permissions of. The permissions are represented as a 3-digit number, where each digit represents the permissions to give the user, group, or others, respectively.
Read, write, and execute permissions are represented by the following numbers:
r - 4
w - 2
x - 1
If you want to give someone multiple permissions, you add the numeric representations of those permissions together. For example:
Read, write, execute (rwx) permissions = (4 + 2 + 1) = 7
Write, execute (_wx) permissions = (2 + 1) = 3
So let's say you want to give a file the following permissions:
The user that owns the file should be able to read, write, and execute the file. rwx = (4 + 2 + 1) = 7
The group that owns the file should be able to read and execute the file. r_x = (4 + 1) = 5
Anyone else should have no permissions for the file. ___ = 0
Then you'd run the following command:
chmod 750 arrayDat.txt
Remembering the syntax for this command can be quite cumbersome, so I recommend using a third-party website such as https://quickref.me/chmod.
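The digit arithmetic above can also be done locally with a few shell functions. This is an added example, not part of the original page; the function names perm_to_octal, octal_to_perm and file_mode are made up for illustration. It accepts both the ls -l dashes and the r_x style used above, and rejects setuid/setgid/sticky letters, which the 3-digit form on this page does not cover.

```shell
# perm_to_octal STRING: "-rwxr-x---" or "rwxr-x---" (or r_x style) -> 750
perm_to_octal() {
    p=$1
    # ls -l prints 10 characters; the first is the file type, not a permission.
    if [ "${#p}" -eq 10 ]; then p=${p#?}; fi
    case $p in
        *[!rwx_-]*) echo "unsupported character in: $1" >&2; return 1 ;;
    esac
    [ "${#p}" -eq 9 ] || { echo "expected 9 or 10 characters: $1" >&2; return 1; }
    out=""
    while [ -n "$p" ]; do
        rest=${p#???}
        triad=${p%"$rest"}   # next three characters: user, then group, then other
        p=$rest
        digit=0
        case $triad in r??) digit=$((digit + 4)) ;; esac
        case $triad in ?w?) digit=$((digit + 2)) ;; esac
        case $triad in ??x) digit=$((digit + 1)) ;; esac
        out=$out$digit
    done
    echo "$out"
}

# octal_to_perm DIGITS: 750 -> rwxr-x---
octal_to_perm() {
    case $1 in
        [0-7][0-7][0-7]) ;;
        *) echo "expected three digits 0-7: $1" >&2; return 1 ;;
    esac
    m=$1 sym=""
    while [ -n "$m" ]; do
        left=${m#?}
        d=${m%"$left"}       # next digit: user, then group, then other
        m=$left
        if [ $(( $d & 4 )) -ne 0 ]; then sym=${sym}r; else sym=${sym}-; fi
        if [ $(( $d & 2 )) -ne 0 ]; then sym=${sym}w; else sym=${sym}-; fi
        if [ $(( $d & 1 )) -ne 0 ]; then sym=${sym}x; else sym=${sym}-; fi
    done
    echo "$sym"
}

# file_mode FILE: read FILE's permissions back from ls -l as three digits.
file_mode() {
    perm_to_octal "$(ls -ld -- "$1" | cut -c1-10)"
}

# Constructed demo on a scratch file: apply the page's 750 and read it back.
f=$(mktemp) && chmod 750 "$f" && file_mode "$f" && rm -f "$f"
```

Running file_mode on a shared file before and after a chmod is a quick way to confirm that "others" ended up with the digit you intended.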