Despite Linux being the most dominant operating system in the world, many people still use Windows. How do they go about getting work done? We explore a case study of one such person with permission issues on Linux and how they were resolved by using appropriate permissions in Nautilus.
The “linux file permissions” is a command that can be used to view the current file permissions. This command will show you what user or group has access to which files in your system.
If you’ve worked with Windows for a while, you’re undoubtedly familiar with Accounts for Users, the NTFS file system, and configuring rights. If that’s the case, be ready for a whole new world of Permissions for Linux Files! To be a skilled Linux administrator, you must understand how to use the file system in Linux.
This is Part II of a four-part series on learning Linux from the viewpoint of a Windows administrator! If you haven’t already, go back and read Part I.
Utilizing the File System
Let’s start with the file system, which is how Linux stores and maintains files.
Note that OpenSUSE Linux will be used in all of the examples.
There Will Be No More Drive Letters
Unlike Windows, portable disks and other devices do not have a drive letter and open up immediately when the computer is restarted. Every drive in Windows is assigned a letter: C:, D:, and so on. In Linux, how do drive letters work? There are none at all!
A folder named the root folder exists in Linux. The root of the file system, or simply /, contains this folder. Before every other file in the system, the forward slash is the initial forward slash. This forward slash functions similarly to the base C:, but only if the other drive letters were just subfolders of C:.
The main system files are located in the root folder. Everything else is a subdirectory of this primary folder, including additional devices.
The distinction between folders and filesystems is blurred in Linux. Similar to the C:Users folder in Windows, the Linux directory /home is the root of all users’ “profiles.” /home is a directory in this scenario. In Linux, however, “directories” do not have to be directories. They may also be storage partitions or even a whole independent hard drive. This is similar to how Windows mount points work.
This post will teach you more about root folders.
Home Folders and Users
If you’re using OpenSUSE, you might notice a Home folder on your desktop as shown below. This folder is the Linux version of the C:users<username> folder or “profile”. The Linux “users” folder lives under /home on your installation disk by default.
The user in the example below is named homelab, and his “profile” is placed at /home/homelab.
User (Home) Folder of Your Own
In Linux (and Windows), the home folder (or user profile in Windows) has a shorthand notation of a tilde (~). If you see something like “~/Documents/blah.txt, it’s actually referring to your /home/<username>/Documents/blah.txt file.
In Linux, capitalization is crucial.
In Linux, everything is case sensitive. This notion is diametrically opposed to Windows, which treats case insensitively practically everything.
If you have a directory named /home/homelab, for example, you may create a new directory called /home/Homelab. This idea also applies to commands. CD /home/homelab is not the same as CD /home/homelab (which should fail).
This notion will tangle you up as a Windows user at some time. Keep your capitalisation to a minimum! Below is an illustration of two distinct folders. The capitalization is the sole difference between the two: This is not doable in a Windows system.
On Windows, the ability to create two distinct directories just by capitalization is not feasible.
Accounts for Users
Like Windows, Linux has the concept of Accounts for Users but they behave a little differently. First start off by thinking of Linux Accounts for Users in terms of your familiar Windows Accounts for Users.
Windows has a few built-in Accounts for Users such as Administrator, the hidden SYSTEM account, Guest, etc. Windows also have various built-in security groups like Administrators, Guests, etc.
By launching thelusrmgr.msc MMC snapin, you may see all of the Windows users and groups in the Local Users and Groups MMC.
The Local User Control Panel in Windows
SIDs in Windows
Windows uses a term called the SID to refer to users and groups in order to uniquely identify them. You may get the SID of each user and group in Windows by using the PowerShell instructions shown below.
Select a name and a sid using Get-LocalUser. pick name,sid from Get-LocalGroup
On a Windows computer, the list of users and groups
The SID for each Windows group is the same on all Windows PCs. Windows’ built-in user SIDs are one-of-a-kind. On every Windows PC, the Administrator SID should be distinct, as seen in the following picture. Any user or group established in Windows in the future will be unique. Take a look at the test group below. The SID would be different if you created a test group on your Windows PC.
A new “test” group has been added to the top with its own SID.
Usernames on Linux
Linux, on the other hand, manages users and groups in a similar way, except that instead of SIDs, Linux uses user IDs (UIDs) and group IDs (GIDs). Users and groups are also unique to the computer, but not to all machines, unlike Windows. This implies that your UID on Computer A may be the same as your UID on Computer B, even though the users aren’t the same.
Both UIDs and GIDs follow a simple, numeric convention; each UID and GUID start at 0 and increment by one ranging from 1-999 for internal system accounts and 1000+ for custom Accounts for Users.
The UID and GID of the built-in root user are always 0 and 0. This root account is also often (depending on Linux version) blocked from logging in, similar to the Windows secret SYSTEM account.
The built-in root user is a combination of the Windows SYSTEM and Administrator built-in accounts. Even if you are a Windows Administrator, there are several built-in precautions that prevent you from fully deleting the operating system.
On the other side, the root user has total power. If you attempt to erase your whole operating system while logged in as root (using the command sudo su on the command line), root will gladly do so until the machine dies.
Assume you’ve created a user named homelab. The homelab UID might thus be referred to by either 1000 or homelab. The user will be added to the internal group users, which you may find using the group ID of 100. Run the getent passwd command to get a list of these mappings, as shown below:
within the terminal, type getent passwd
With the getent group command, you may get the same information as previously for groups.
within the terminal, run getent group
Permissions for Linux Files
Filesystem permissions are a pain in the Windows world. With ACE, ACLs, inheritance, propagation, and other features, setting and maintaining rights in NTFS may be a headache. Fortunately, filesystem permissions in Linux are considerably easier.
You may grant three sorts of privileges to a file in Linux: read, write, and execute, with three levels of access: owner, group, and others.
- The owner of a file or folder is the user who owns it. Each file and folder has a unique owner.
- The owner of the file/folder is the group. This does not have to be the same organization as the owner. There may only be one group for each file or folder.
- Others are… well… others. It refers to those who are not members of the owning organization or who are not the designated owner.
For each category, you have the choice to accept or disallow each option. For example, you may grant the owner read, write, and execute permissions, as well as read/execute permissions to the group and others. The screenshot below demonstrates this. This implies that no one other than the folder’s owner may make changes to it.
In Ubuntu, you can view this information in the same way you do in Windows explorer:
- Go to your desktop and open the Home folder.
- Go to the file/folder you’re looking for.
- Right-click the file/folder and choose Properties from the drop-down menu.
- Select Permissions from the drop-down menu.
- Select Advanced Permissions from the drop-down menu.
You can view all rights applied to that file or folder visually once you’re in the Advanced Permissions box.
The advanced permissions menu in OpenSUSE is shown.
The Advanced Permissions table is seen below.
Visual representation of file permissions
Ownership of a File
Like Windows, each file and folder has an owner. In Windows, you can take ownership of a file in the GUI or via the takeown command. In Linux, you take ownership by running chown <user>:<group> <file/folder> on the command line.
To change ownership of files using sudo, you’ll usually require administrator authority, much like on Windows. sudo is the Linux counterpart of User Account Control in Windows (UAC). To perform tasks as an administrator, you use sudo instead of opening an administrative command line window.
To show some of these ideas, let’s create a folder that only root owns.
- Navigate to Documents from your home folder.
- Open up a command prompt by right click —> Actions —> Open Terminal Here, and run the following:
mkdir owned-by-root sudo sudo chmod 700 root-owned
Creating a folder that is exclusively for the root
The owner has only read/write/execute access on this folder. The owner of the folder is now root, since you created it with admin access.
You also adjusted the permissions such that the owner is the only one who has access. This folder is inaccessible to the owner’s group and other users. You’ll note that the folder has a large lock on it, suggesting that you don’t have permission to open it.
Take a look at the instructions below to learn how to take control of this folder.
- In the same folder, open another terminal (or use the one you already had)
- chown homelab:users./owned-by-root sudo
Change ownership command in OpenSUSE is shown.
Now that you have ownership, you may use the properties window in the explorer GUI to adjust the file permissions.
Permissions for files in the explorer GUI
You just want to modify ownerships, not file permissions, in most cases. By default, Linux is quite excellent at figuring out what rights items should have. You can really mess things up if you don’t know what you’re doing with ‘chmod’.
File Permissions in Numeric Notation
You may have seen folks online describe file permissions using a number scheme if you’ve done any Linux troubleshooting. In the picture below, you can see this highlighted:
The permissions menu, as seen remotely through WinSCP from a Windows system
For this access mechanism, Linux utilizes a shorthand notation based on digits, such as 0600. The first number is for some optional unique qualities that most people overlook. In truth, the majority of individuals merely utilize three numbers and disregard the leading fourth.
For more information about File Permissions in Numeric Notation, check out this article.
Wrap Up
That concludes Part II of our blog article series A Windows Guy in a Linux World! Make sure to keep the momentum going with Part 3!
The “why do you think unix has such a limited ability to assign permissions compared with windows” is a question that I have been asked many times. In this blog, I will discuss the difference between file permissions in Windows and Linux.
Related Tags
- linux permissions
- how are permissions inherited when users are members of multiple user groups?
- when using windows to access linux, do the permissions still apply?
- file permissions in windows
- chmod not working on mounted drive