Understanding Linux File Permissions: The Foundation of System Security
Linux file permissions are one of the most fundamental concepts every system administrator must master. Whether you are managing a single server or an entire data center, understanding how permissions work is crucial for maintaining security and proper system operation. In this comprehensive guide, we will explore everything you need to know about Linux file permissions.
The Three Permission Types
Every file and directory in Linux has three types of permissions:
- Read (r) - Allows viewing the contents of a file or listing directory contents
- Write (w) - Allows modifying a file or creating/deleting files in a directory
- Execute (x) - Allows running a file as a program, or entering a directory and accessing the entries inside it
Permission Classes: User, Group, and Others
Linux organizes permissions into three classes:
User (Owner): The user account that owns the file or directory, normally the one that created it. The owner has the most control over the file and can change its permissions.
Group: A collection of users who share the same permissions on the file. This is particularly useful in team environments where multiple people need access to the same resources.
Others (World): Everyone else on the system who is not the owner or part of the group.
Reading Permission Strings
When you run ls -l in a Linux terminal, you will see permission strings like -rwxr-xr--. Let us break this down:
- First character: File type (- for regular file, d for directory, l for symbolic link)
- Characters 2-4: Owner permissions (rwx)
- Characters 5-7: Group permissions (r-x)
- Characters 8-10: Others permissions (r--)
Numeric (Octal) Permission Notation
Permissions can also be represented numerically:
- Read (r) = 4
- Write (w) = 2
- Execute (x) = 1
To calculate the permission number, add the values together. For example, rwx = 4+2+1 = 7, and r-x = 4+0+1 = 5. So chmod 755 gives the owner full permissions (7) and group/others read and execute permissions (5).
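As an added example (not from the original article), a POSIX shell function that does the calculation above in the other direction: it converts a mode string as printed by ls -l into its octal form. It also handles the SUID, SGID and sticky bits covered later in this page, which ls shows as s or t in the execute slots (uppercase S or T when the special bit is set without execute).

```shell
#!/bin/sh
# perm_to_octal: convert a 9-character mode string (or the 10-character
# form from `ls -l` with the leading file-type character) into 4-digit
# octal, e.g. rwxr-xr-- -> 0754, -rwsr-xr-x -> 4755.
perm_to_octal() {
    s="$1"
    # Drop the file-type character (-, d, l, ...) if it is present
    if [ ${#s} -eq 10 ]; then s="${s#?}"; fi
    if [ ${#s} -ne 9 ]; then
        echo "bad mode string: $1" >&2
        return 1
    fi
    special=0; total=""; i=0
    while [ "$i" -lt 3 ]; do
        # Peel off the next rwx triplet: owner, then group, then others
        t="${s%"${s#???}"}"
        s="${s#???}"
        # Score it exactly as the text does: r=4, w=2, x=1, added together
        n=0
        case "$t" in r??) n=$((n + 4)) ;; esac
        case "$t" in ?w?) n=$((n + 2)) ;; esac
        # Special-bit weight for this slot: SUID=4, SGID=2, sticky=1
        bit=$((4 >> i))
        case "$t" in
            ??x) n=$((n + 1)) ;;
            ??[st]) n=$((n + 1)); special=$((special + bit)) ;;
            ??[ST]) special=$((special + bit)) ;;
        esac
        total="$total$n"
        i=$((i + 1))
    done
    printf '%s%s\n' "$special" "$total"
}
```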
Using chmod to Change Permissions
The chmod command changes file permissions. You can use either symbolic or numeric notation:
Symbolic notation:
chmod u+x script.sh # Add execute permission for owner
chmod g-w file.txt # Remove write permission for group
chmod o=r document.pdf # Set others to read only
chmod a+r public.html # Add read for all (user, group, others)
Numeric notation:
chmod 644 file.txt # rw-r--r--
chmod 755 script.sh # rwxr-xr-x
chmod 700 private.key # rwx------
Using chown to Change Ownership
The chown command changes file ownership:
chown username file.txt # Change owner
chown username:groupname file.txt # Change owner and group
chown :groupname file.txt # Change group only
chown -R username:groupname /dir # Recursive change
Special Permissions: SUID, SGID, and Sticky Bit
Linux has three special permissions that provide additional functionality:
SUID (Set User ID): When set on an executable, it runs with the permissions of the file owner, not the user executing it. This is how the passwd command can modify /etc/shadow.
chmod u+s executable # Set SUID
chmod 4755 executable # Numeric notation
SGID (Set Group ID): On an executable, the program runs with the file's group instead of the caller's group. On a directory, new files and subdirectories inherit the directory's group rather than the creating user's primary group.
chmod g+s directory # Set SGID
chmod 2755 directory # Numeric notation
Sticky Bit: On a directory, a file can be deleted or renamed only by its own owner, even when other users have write permission on the directory. Commonly used on /tmp.
chmod +t directory # Set sticky bit
chmod 1755 directory # Numeric notation
Best Practices for Linux Permissions
Follow these security best practices:
- Principle of Least Privilege: Only grant the minimum permissions necessary
- Never use 777: This gives everyone full access and is a major security risk
- Protect sensitive files: Use 600 or 400 for private keys and configuration files
- Use groups effectively: Create groups for team access instead of using world permissions
- Regular audits: Periodically review permissions, for example with find / -perm -777, which lists files that are readable, writable and executable by everyone
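As an added example (not from the original article), a small audit script that covers both the special permissions described above and the audit practice in this list: it reports world-writable files, world-writable directories without the sticky bit, and SUID/SGID executables under one tree. The demo_audit function builds a constructed temporary tree to exercise it; the names and tags are my own.

```shell
#!/bin/sh
# audit_perms: one line per finding, "<TAG> <path>", under a directory tree.
# -perm -NNNN matches when at least those bits are set, so -0002 means
# "writable by others" whatever the remaining bits are.
audit_perms() {
    root="$1"
    find "$root" -xdev -type f -perm -0002 | sed 's/^/WORLD_WRITABLE_FILE /'
    # A world-writable directory is acceptable only with the sticky bit (as /tmp)
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 | sed 's/^/WORLD_WRITABLE_DIR_NO_STICKY /'
    find "$root" -xdev -type f -perm -4000 | sed 's/^/SUID /'
    find "$root" -xdev -type f -perm -2000 | sed 's/^/SGID /'
}

# demo_audit: self-check on a constructed tree in a temp directory
# (no real system files are touched)
demo_audit() {
    d=$(mktemp -d) || return 1
    mkdir "$d/uploads" "$d/scratch"
    chmod 777 "$d/uploads"    # world-writable, no sticky bit: flagged
    chmod 1777 "$d/scratch"   # world-writable but sticky, like /tmp: not flagged
    : > "$d/config.ini";  chmod 666 "$d/config.ini"  # world-writable file: flagged
    : > "$d/helper";      chmod 4755 "$d/helper"     # SUID executable: flagged
    : > "$d/private.key"; chmod 600 "$d/private.key" # least privilege: not reported
    audit_perms "$d"
    rm -rf "$d"
}

demo_audit
```

Run audit_perms against a real tree such as /var/www and compare the SUID/SGID lines with what the package manager installed to spot unexpected additions.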
Common Permission Scenarios
Web server files:
chmod 644 /var/www/html/*.html # HTML files readable
chmod 755 /var/www/html # Directory accessible
SSH keys:
chmod 700 ~/.ssh
chmod 600 ~/.ssh/id_rsa
chmod 644 ~/.ssh/id_rsa.pub
Shared project directory:
chmod 2775 /shared/project # SGID for group inheritance
chown :developers /shared/project
Troubleshooting Permission Issues
When facing permission denied errors:
- Check current permissions with ls -la
- Verify ownership with stat filename
- Check parent directory permissions
- Use namei -l /path/to/file to check the entire path
- Review SELinux or AppArmor contexts if applicable
Conclusion
Understanding Linux file permissions is essential for every system administrator and developer working with Linux systems. By mastering chmod, chown, and special permissions, you can maintain secure and well-organized systems. Remember to always follow the principle of least privilege and regularly audit your permission settings.