Understanding File Permissions in Linux
drwxr-xr-x 2 root root 4096 মে 24 09:52 backups
x may sometimes be replaced by s, S, t or T, which indicates that special types of flags have been set. Let's see what the letters mean. For files:
s -- File is executable and will set user (setuid) or group ID (setgid) on execution. The process will execute with the file's user owner ID and/or group owner ID, regardless of the user that launched the program, e.g., if the user nobody runs a file with properties such as -rwsr-xr-x 1 root root 40536 May 17 2017 /bin/su, su will run as the root user.
S -- File has set user/group ID on execution enabled but is not executable (although it is possible to set permissions in such a way, it serves no purpose).
t or T -- Sticky bit; can be set on files but does nothing on Linux (on other operating systems it may have some effects).
For directories, permissions are interpreted in a slightly different way:
r -- Contents can be listed with a command such as ls name_of_directory. Always used in conjunction with x to be useful. A readable but not executable directory can be listed with a command such as ls name_of_directory but the contents themselves cannot be read or written to and programs cannot be run, even if the readable, writable, executable bit is set on those files.
w -- You can add files and subdirectories, delete or rename contents within.
x -- You can "execute" directory contents, meaning you can read (readable) files, write to those files (if the files themselves have the write permission enabled) and run programs (if executable bit is set on them).
To more easily remember the effects of these permissions you can think that they focus more on the structure of a directory rather than the objects it contains: with r you can read the structure, see the table of contents, with w you can change the structure and with x you can execute/take action (read, write, run) on any part of that structure.
s -- Set group ID: the directory is executable and every file/subdirectory created in it will automatically inherit the group owner. From our example above, /var/mail has the following permissions: drwxrwsr-x 2 root mail 4096 Oct 25 2017 mail. This means that any file/directory that any user creates there will automatically be owned by the "mail" group (even if the user doesn't belong to this group). Although s can also be set for user permissions, instead of group, it has no effect on Linux. The files will still be owned by the user that created them, not by the user owning the directory.
S -- The directory has the set group ID/set user ID flag enabled but is not executable.
t -- Restricted deletion flag enabled and directory is executable by other users. This is useful on directories shared between multiple users. Normally, whoever can write content in a directory, can also delete it, even if they don't own that content. The restricted deletion flag prevents that and allows users to delete only content that they own.
T -- Restricted deletion flag enabled but directory is not executable by other users.
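The rules above for s, S, t and T can be applied mechanically to the permission column of ls -l. The following Python code is an added example, not part of the original article; the function names decode and describe are illustrative assumptions. It converts a string such as -rwsr-xr-x to its octal mode and explains each special flag using the file and directory rules listed above.

```python
# Added example (not from the original page): decode the permission column of
# `ls -l` into an octal mode and explain any s/S/t/T flag as described above.
SPECIAL = [(0o4000, "s", "setuid"), (0o2000, "s", "setgid"), (0o1000, "t", "sticky")]


def describe(name, is_dir, executable):
    """Explain one special flag; `executable` is False for upper-case S or T."""
    if name == "sticky":
        if not is_dir:
            return "sticky bit on a file: no effect on Linux"
        return "restricted deletion" + ("" if executable else ", directory not executable by others")
    if is_dir:
        text = ("setgid: new entries inherit the directory's group" if name == "setgid"
                else "setuid on a directory: no effect on Linux")
        return text + ("" if executable else " (directory not executable)")
    if not executable:
        return f"{name} set but file not executable: serves no purpose"
    owner = "user" if name == "setuid" else "group"
    return f"{name}: runs with the file's {owner} owner ID"


def decode(perm):
    """Return (octal_mode, notes) for a string such as '-rwsr-xr-x'."""
    if len(perm) != 10:
        raise ValueError(f"expected 10 characters, got {perm!r}")
    is_dir = perm[0] == "d"
    mode, notes = 0, []
    for i, (bit, letter, name) in enumerate(SPECIAL):   # user, group, other
        r, w, x = perm[1 + 3 * i:4 + 3 * i]
        if r not in "r-" or w not in "w-" or x not in "x-" + letter + letter.upper():
            raise ValueError(f"bad permission string: {perm!r}")
        triad = (4 if r == "r" else 0) | (2 if w == "w" else 0)
        if x in ("x", letter):            # lower-case letter implies execute
            triad |= 1
        mode |= triad << (6 - 3 * i)
        if x.lower() == letter:           # s/S or t/T: special bit is set
            mode |= bit
            notes.append(describe(name, is_dir, executable=(x == letter)))
    return mode, notes


if __name__ == "__main__":
    # Permission strings taken from the listings quoted on this page.
    for p in ("drwxr-xr-x", "-rwsr-xr-x", "drwxrwsr-x"):
        octal, why = decode(p)
        print(p, oct(octal), "; ".join(why) or "no special flags")
```

The octal value returned is the same number you would pass to chmod to reproduce the mode.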
The number after the permission is the number of hard links to that file or directory (to be more precise: to that inode) and has nothing to do with permissions; see info ls. And, it has nothing to do with the file count, but directories inside that directory affect the number (see point 3.)
Let me explain this, but please make yourself comfortable with the concept of hard links first. In short: You can think of it as different names for the very same file (which is identified by its inode number).
For more info about this number, check out Stack Exchange
Found what I was searching for. This image explains all. For more info about this, go to this link
Help From: Alibaba Cloud
Draw from: Draw.io