Apache Awk Bash C cftp daemontools DHCP djbdns DNS Emacs Email ezmlm Fetchmail find GDB Hardware HTML HTTP Intro ISDN less Make Math mc mirrordir MySQL Peripherals Perl PHP3 pppd qmail Regexps Shell System Tables test To do Typical ucspi-tcp Versions Index TCP/IP slides

Octal file permissions

Value in mode Corresponding permission ls -l display
Other users not in the file's group
1 Execute - --- --- --x
2 Write - --- --- -w-
4 Read - --- --- r--
Other users in the file's group
10 Execute - --- --x ---
20 Write - --- -w- ---
40 Read - --- r-- ---
The file's owner
100 Execute - --x --- ---
200 Write - -w- --- ---
400 Read - r-- --- ---
Special permissions
1000 Save text image on swap device
(aka sticky bit)
- --- --- --t
2000 Set group ID on execution - --- --s ---
4000 Set user ID on execution - --s --- ---

Permission flags/access matrix

Value in mode Description Regular file Directory
4000 Set user ID Set effective user ID on execution (not used)
2000 Set group ID If group execute bit set (10) then
set effective group ID on execution
else
mandatory record locking
Set group ID on new files created to the group ID of the directory
1000 Sticky bit Save program text in swap area (if supported) Restrict removal and renaming of files in directory
400 User read User permission to read file User permission to read directory entries
200 User write User permission to write file User permission to delete and create files in directory
100 User execute User permission to execute file User permission to search for a given pathname in directory
40 Group read Group permission to read file Group permission to read directory entries
20 Group write Group permission to write file Group permission to delete and create files in directory
10 Group execute Group permission to execute file Group permission to search for a given pathname in directory
4 Others read Others permission to read file Others permission to read directory entries
2 Others write Others permission to write file Others permission to delete and create files in directory
1 Others execute Others permission to write file Others permission to search for a given pathname in directory

Permission summary

Operation Required permissions
Creating a file Write and execute permission in directory
Reading a file Read permission on file and execute permission in all directories in the file's pathname.
For example, to open the file /usr/dict/words execute permission is required for directories /, usr and dict. Then we need read permission for the file words
Writing to file Write permission on file and execute permission in all directories in the file's path
Deleting a file Write permission in directory and execute permission in all directories in the file's path.
Note that we don't need any permissions on the file
Listing directory Read permission in directory
Visiting directory Execute permission in directory

Permission examples

Assuming a directory and file as below, a regular user (not root) gets the following results for the given commands:

Command Result

drwx------ 2 root root 1024 xxx xx xx:xx example/
-rw------- 1 root root 4096 xxx xx xx:xx example/testfile
ls /example Permission denied
cat /example/testfile Permission denied
rm /example/testfile Permission denied
echo probe > /example/testfile Permission denied

drwxrwxrwx 2 root root 1024 xxx xx xx:xx example/
-rw------- 1 root root 4096 xxx xx xx:xx example/testfile
ls /example OK
cat /example/testfile Permission denied
rm /example/testfile OK
echo probe > /example/testfile OK

drwxrwxrwx 2 root root 1024 xxx xx xx:xx example/
-rw-rw-rw- 1 root root 4096 xxx xx xx:xx example/testfile
ls /example OK
cat /example/testfile OK
rm /example/testfile OK
echo probe > /example/testfile OK

dr-xr-xr-x 2 root root 1024 xxx xx xx:xx example/
-rw------- 1 root root 4096 xxx xx xx:xx example/testfile
ls /example OK
cat /example/testfile Permission denied
rm /example/testfile Permission denied
echo probe > /example/testfile Permission denied

Various useful command forms

To extract the currently existing interface IP addresses
ifconfig|grep inet|cut -f 2 -d :|cut -f 1 -d ' '
To extract part of the existing interface IP addresses
ifconfig|grep inet|cut -f 2 -d :|cut -f 1,2,3 -d '.'
To find the most recent file in the given directory
ls -t|head -1
To create a link on the given directory for the given file (can use multiple files)
ln -s file dir
To create a link named link_to_be_created to the file named file_to_be_linked
ln -s file_to_be_linked link_to_be_created
To refer the previous working directory (OLDPWD qv)
ls ~-
To change to the previous working directory
cd -
To show the shared libraries required by program
ldd program
To remove debug information from program
strip program
To show network statistics once a second
netstat -c
To display top processes every few seconds
top
To convert DOS/Windows text files to Linux/Unix format (delete CRs)
tr -d '\r' <filein >fileout
To capture a sequence of commands and results, start a new shell section with the following command, which will create the file example with all the commands and results. Use C-d to terminate
script example
To list all the subdirectories in the current directory, use
ls -F|grep /$
To find the process ID of a process named example, use
pidof example
To add a timestamp to the file named example, use
mv example example.`date -r example +%Y%m%d%H%M`
Last update: Wed, 2 Nov 2005 10:16:21 GMT