Unix file permissions cheat sheet

21 February 2017 | Patrick
Back-end developer

Working with Magento in a Linux environment requires you to have some knowledge of Unix file system permissions. These are documented extensively, but I wanted to have a simple yet complete overview that includes setuid, setgid, and the sticky bit. Since I could not find one, I composed a cheat sheet myself.

Since this is a reference page, I will start with the reference tables. Each line highlights one permission, followed by the chmod command that sets it, a common name, and a description.


In the tables, the highlighted permission is shown in brackets.

Files

Permissions     chmod          Name          Description
-[r]wx rwx rwx  chmod u+r                    This file is readable by its owner.
-r[w]x rwx rwx  chmod u+w                    This file is writable by its owner.
-rw[x] rwx rwx  chmod u+x                    This file is executable by its owner.
-rw[s] rwx rwx  chmod u+s      “setuid”      When the file is executed, the process assumes the id of the owner.
-rw[S] rwx rwx  chmod u+s,u-x                When the file is executed, the process assumes the id of the owner, yet the owner may not execute it himself.
-rwx [r]wx rwx  chmod g+r                    This file is readable by group members.
-rwx r[w]x rwx  chmod g+w                    This file is writable by group members.
-rwx rw[x] rwx  chmod g+x                    This file is executable by group members.
-rwx rw[s] rwx  chmod g+s      “setgid”      When the file is executed, the process assumes the id of the group.
-rwx rw[S] rwx  chmod g+s,g-x                When the file is executed, the process assumes the id of the group, yet no member of the group may execute it.
-rwx rwx [r]wx  chmod o+r                    This file is readable by others.
-rwx rwx r[w]x  chmod o+w                    This file is writable by others.
-rwx rwx rw[x]  chmod o+x                    This file is executable by others.
-rwx rwx rw[t]  chmod o+t      “sticky bit”  Obsolete, originally used to keep the program in virtual memory for faster loading.
-rwx rwx rw[T]  chmod o+t,o-x                Obsolete; not executable by others.

Directories

Permissions     chmod          Name                        Description
d[r]wx rwx rwx  chmod u+r                                  The owner of this directory may read the names of the files and directories in this directory.
dr[w]x rwx rwx  chmod u+w                                  The owner of this directory may create, delete and rename files and directories in this directory.
drw[x] rwx rwx  chmod u+x                                  The owner of this directory may read data and metadata of files and directories in this directory.
drw[s] rwx rwx  chmod u+s      “setuid”                    No effect.
drw[S] rwx rwx  chmod u+s,u-x                              No effect.
drwx [r]wx rwx  chmod g+r                                  The names of the files and directories in this directory are readable by group members.
drwx r[w]x rwx  chmod g+w                                  Group members may create, delete and rename files and directories in this directory.
drwx rw[x] rwx  chmod g+x                                  Group members may read data and metadata of files and directories in this directory.
drwx rw[s] rwx  chmod g+s      “setgid”                    New files and directories in this directory inherit the group id of the directory.
drwx rw[S] rwx  chmod g+s,g-x                              New files and directories in this directory inherit the group id of the directory. Group members may not read data and metadata of files in this directory.
drwx rwx [r]wx  chmod o+r                                  Others may read the names of the files and directories in this directory.
drwx rwx r[w]x  chmod o+w                                  Others may create, delete and rename files and directories in this directory.
drwx rwx rw[x]  chmod o+x                                  Others may read data and metadata of files and directories in this directory.
drwx rwx rw[t]  chmod o+t      “restricted deletion flag”  A file or directory in this directory may only be deleted by its owner (or by the directory owner or the superuser).
drwx rwx rw[T]  chmod o+t,o-x                              A file or directory in this directory may only be deleted by its owner (or by the directory owner or the superuser). Others may not read data and metadata of files in this directory.

About the cheat sheet

When you execute ls -l you get a list of files in the directory. It shows file type, file permissions and file ownership.

ls -l

Here’s an example result line:

-rw-rw-r-- 1 patrick www-data 7 feb 20 11:41 hello.txt

The leading - marks a regular file (d marks a directory), rw-rw-r-- are the file permissions, patrick is the file’s owner, and www-data is the file’s group.

File permissions are grouped as follows:

-[rwx] rwx rwx  Owner
-rwx [rwx] rwx  Group
-rwx rwx [rwx]  Others

You can change the file permissions with the chmod command. For example:

chmod +x bin/magento    Makes a file executable, for user, group and other.
chmod g+s pub/media     Makes new files and directories in the directory pub/media inherit the group id of the directory.
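
An audit for the special bits in the tables above, as an added example that is not part of the original article. The function names, the labels and the sample tree are hypothetical; the sample only borrows the bin/magento and pub/media names used here.

```shell
#!/bin/sh
# Added example: report setuid/setgid entries and world-writable paths in a
# tree. Paths containing newlines are not handled.

# Print "LABEL MODE PATH" for every path under $2 matching the find(1) tests.
_report() {
    label=$1; root=$2; shift 2
    find "$root" "$@" -print | while IFS= read -r p; do
        printf '%s %s %s\n' "$label" "$(ls -ld -- "$p" | cut -c1-10)" "$p"
    done
}

audit_special_bits() {
    # s or S in the owner triplet of a file: process assumes the owner's id.
    _report SETUID_FILE "$1" -type f -perm -4000
    # s or S in the group triplet of a file: process assumes the group's id.
    _report SETGID_FILE "$1" -type f -perm -2000
    # setgid directory: new entries inherit the group (expected on pub/media).
    _report SETGID_DIR "$1" -type d -perm -2000
    # o+w directory without the restricted deletion flag: others may delete
    # or rename entries they do not own.
    _report WORLD_WRITABLE_NO_STICKY "$1" -type d -perm -0002 ! -perm -1000
    # o+w regular file: writable by others.
    _report WORLD_WRITABLE_FILE "$1" -type f -perm -0002
}

# Constructed sample tree (hypothetical layout, not a real Magento install).
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/bin" "$t/pub/media" "$t/var/tmp" "$t/var/cache"
    : > "$t/bin/magento"; : > "$t/bin/helper"
    chmod 755  "$t/bin/magento"   # -rwxr-xr-x  no finding
    chmod 4755 "$t/bin/helper"    # -rwsr-xr-x  setuid
    chmod 2775 "$t/pub/media"     # drwxrwsr-x  setgid directory
    chmod 1777 "$t/var/tmp"       # drwxrwxrwt  world-writable, sticky
    chmod 0777 "$t/var/cache"     # drwxrwxrwx  world-writable, no sticky
    printf '%s\n' "$t"
}

# Demo run on the sample; pass a real document root to audit_special_bits instead.
tree=$(make_sample_tree) && audit_special_bits "$tree"
[ -n "$tree" ] && rm -rf -- "$tree"
```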

