Learn GNU/Linux Commands (11): Permission - stat, chown, chmod

-

In GNU/Linux and other Unix-like systems, everything can be considered as a file, every file belongs to a user and a group. The user, other members of the group, and other users of the system have their own permission to access the file. There are 3 kinds of permission: the permission to read, to write, to execute.

To execute a file means to let the system perform base on the content of the file. In order to execute a non-binary script (file), the user needs the permission to read it as well.

By default, when a normal file is made, the user who makes it owns it, the owner and members in the group have the permission to read and write it, others have the permission to read it. For a directory, it is the same as normal files besides that every user has the permission to execute the directory. This is for files under it to be executable.

The superuser, or root, can read and write all files. Root can execute a file if there is at least one user who is permitted to do that. This is to say, if a file can be executed by its owner, but not by other members of the group and any other users, root can execute it as well. If a file can't be executed by its owner or other members of the group, but any other users can, root can execute it as well.

Display Permission and Ownership

ls -l [PATHNAME]...

List information about the files (the current directory by default) using a long listing format.

For example: 

[texpion@com ~]$ ls -l
-rw-rw-r--. 1 texpion texpion    0 Sep  1 10:29 myfile
drwxrwxr-x. 3 texpion texpion 4096 Sep  1 10:29 mydirectory
  • The 1st column is the permission.
  • The 3rd is the user that owns the file.
  • The 4th is the group that owns the file.
  • The last is its name.

stat FILE

Display file or file system status.

For example: 

[texpion@com ~]$ stat ./mydirectory
  File: ./mydirectory
  Size: 4096       Blocks: 8          IO Block: 4096   directory
Device: 801h/2049d Inode: 155078     Links: 3
Access: (0775/drwxrwxr-x)  Uid: ( 1001/    texpion)   Gid: ( 1001/    texpion)
Access: 2018-09-01 10:29:49.658883886 -0400
Modify: 2018-09-01 10:30:44.553320975 -0400
Change: 2018-09-01 10:30:44.553320975 -0400
 Birth: -
The access permission string has the same structure as the string "ls -l" displays except that it doesn't have the 11th (the last) character.

"stat" also displays the permission in the numeric format. That is 0775 in the example. The first number is for special flags.

  • Uid: the user that owns the file.
  • Gid: the group that owns the file.

Meaning of the text format

    For the 1st character

  • "d" means it's a directory, "-" means it isn't.

    • For the next 9 characters

  • "r" stands for "read".
  • "w" stands for "write".
  • "x" stands for "execute".
  • "-" means negative.
  • They are in the order as "read, write, execute".
  • The first 3 characters are for the user.
  • The next 3 characters are for the group.
  • The last 3 characters are for others.

    • For the last character

  • "+" means the file has additional attributes, "." means it has not.
Directory User perm. Group perm. Other perm. Additional attr.
-rw-rw-r--. 1 test test 0 Sep 1 10:29 myfile
- rw- rw- r-- .
yes read, write read, write read only no
drwxrwxr-x. 3 test test 4096 Sep 1 10:29 mydirectory
d rwx rwx r-x .
yes read, write, execute read, write, execute read, execute no

Meaning of the numeric format

The basic structure has 3 octal digits, the 1st represents the permission for the user, the 2nd for the group, and the 3rd for others. If there is 4 octal digit, the first is for special flags.

Each octal digit can be 0 to 7.

  • 1: executable.
  • 2: writable
  • 4: readable.
  • 7=1+2+4: readable, writable and executable.
  • 6=2+4: readable and writable.
  • 5=1+4: readable and executable.
  • 3=1+2: writable and executable.
  • 0: no permission.

Change Permission

Only root and the user who owns the file can change its permission.

chown MODE FILE...

Change the mode (permission) of each FILE to MODE.

MODE format

  • u: user.
  • g: group.
  • o: other.
  • a: all of the above.
  • =: set as the permission on the right.
  • +: grant(add) the permission on the right.
  • -: deny(subtract) the permission on the right.
Mode Equivalents Example Before After
33 033, 0033, go=3 0664/-rw-rw-r-- 0033/-----wx-wx
-1 o-1, o-x 0775/drwxrwxr-x 0664/drw-rw-r--
u=7 u=rwx 0664/-rw-rw-r-- 0764/-rwxrw-r--
a=rx =rx, 555, =555, 0555, =0555 0664/-rw-rw-r-- 0555/-r-xr-xr-x
-w ug-w, -220 0775/drwxrwxr-x 0555/dr-xr-xr-x
+x a+x, ugo+x, +111 0775/drwxrwxr-x 0555/dr-xr-xr-x

Below are some of the most commonly used modes:
+x, 775, 664, 600, 400

Change Ownership

Change to Another User Only

chown USER FILE...

Change the owner of each FILE to USER i.e. Make USER the new owner of each FILE.

Only root can do this.

Change to Another Group Only

chown :GROUP FILE...

Change the group each FILE belongs to to GROUP.

root can do this. If the user owns each FILE and the user belongs to GROUP, the user can do this as well.

Change to USER and Group

chown USER: FILE...

Change the owner to USER and the group to USER's primary group.

For example: 

[root@com ~]# ls -l myfile
-rw-rw-r--. 1 texpion texpion    0 Sep  1 10:29 myfile
[texpion@com ~]# chown root: myfile
[root@com ~]# ls -l myfile
-rw-rw-r--. 1 root  root    0 Sep  1 10:29 myfile

chown USER:GROUP FILE...

Change the owner to USER and the group to GROUP. USER doesn't have to be a member of GROUP.

For example: 

[root@com ~]# ls -l myfile
-rw-rw-r--. 1 texpion texpion    0 Sep  1 10:29 myfile
[texpion@com ~]# chown root:test myfile
[root@com ~]# ls -l myfile
-rw-rw-r--. 1 root  test    0 Sep  1 10:29 myfile

Only root can do this.

Related

Comments

Post a Comment

Popular

Intel 7th and 8th generation processor graphics driver for Windows 7/8/8.1

-
For Intel's 7th and 8th generation processors, the only Windows operating system that Intel supports is Windows 10 x64. There is no official driver for Windows 7, Windows 8, or Windows 8.1.But according to this YouTube video https://www.youtube.com/watch?v=7w9JofZQkxI, the Windows 7's Driver for the 6th gen processors can be installed for the 7th gen processors.According to 6th Generation Intel® Processor for U/Y-Platforms Datasheet, Volume 1 of 2,7th Generation Intel® Processor Families for S Platforms Datasheet, Volume 1 of 2,7th Generation Intel® Processor Families for U/Y Platforms and 8th Generation Intel® Processor Family for U Quad Core Platforms Datasheet, Volume 1 of 2,8th Generation Intel® Processor Family for S-Processor Platforms Datasheet, Volume 1 of 2, The graphics processors on not only Intel 6th gen mobile, but also all 7th and 8th gen processors are all based on Gen 9 LP (generation 9 Low Power) graphics core architecture.The graphics driver for 6th gen proce…
Read more

AV1 vs VP9 vs AVC (h.264) vs HEVC (h.265): Part II - Fidelity

-
Image
In this part, we tested the lossy compression capability. "Lossy" means that in order to reduce data size, the data is inexactly approximated and part of it is discarded. To measure the fidelity of the reconstruction (encoded video) of lossy compression codecs in our tests, we used PSNR (Peak signal-to-noise ratio).The greater the PSNR of two videos, the more similar they are. If the encoded video is lossless, the PSNR will be infinity when compared to the original.We tried to match the PSNR and compared the video stream size, the smaller the size, the better the codec. But it is hard to make the PSNR exactly the same. As mentioned earlier, as of June 2018, the AV1 is still experimental and we were not able to set its constant quality mode as we expected. And AV1 is extremely slow. So we did the AV1 in its vibrate bitrate mode first. We have found that the VP9 produces better results when encoded in its 2-pass constant quality mode (can be set with "-crf"), so we c…
Read more

AV1 vs VP9 vs AVC (h.264) vs HEVC (h.265): Part I - Lossless

-
Image
ConclusionIn terms of lossless compression, x264 and x265 took less time and produced smaller files. All video codecs produced smaller video files than LZMA/LZMA2, the general purpose compression algorithms.In our tests, AV1 takes approximately 160-190x more time than x264 to encode in their lossless mode. AV1 does have a lossless mode, but the output is not lossless at all.VP9 and AV1 can take advantage of multi-threading, but they can not load all CPU cores all the time as x264 and x265 do.NoteAt of June 2018, AV1 is still experimental.We used x264 as the AVC encoder.We used x265 as the HEVC encoder.We used pxz as the LZMA/LZMA2 compressor. LZMA is also the default algorithm of 7-Zip.The AV1 encoder ran with "--cpu-used=4" for "medium" speed, "--tile-columns=4" to enabling multi-threading. All encoders ran in their lossless mode, all other settings were as default.Test 1Source video
sintel_trailer_2k_480p24.y4m
© copyright Blender Foundation | durian.bl…
Read more

AV1 vs VP9 vs AVC (h.264) vs HEVC (h.265): Part IV - Decode

-
Image
In this part, we tested the decoding speed. Especially for video coding formats designed for video transmissions over the Internet, decoding speed could be much more important than encoding speed. We tried to encode in 2-pass vibrate bitrate mode (VBR) to get almost the same file sizes and counted the time needed for converting the encoded videos into raw video files. we decoded in RAM, because decoding is fast and the raw video could be very large. We also encoded in RAM this time, but the improvement of encoding speed, if any, wasn't very impressive.ConclusionAt of June 2018, the AV1 decoder can only decode in a single thread. Decoders for H.264, H265, and VP9 utilize multi-threads.We were not able to play videos encoded with AV1 in Chrome, Firefox Nightly, VLC, both on Windows and LINUX, though those are claimed to be able to.To decode the files encoded with AV1, the CPU time was approximately 3.5-6x longer than that to decode files encoded with x264. This means that it require…
Read more

AV1 vs VP9 vs AVC (h.264) vs HEVC (h.265): Part III - Quality

-
Image
Visual quality is somewhat subjective. However, Efforts are still being made to quantify it. There is a perceptual video quality assessment algorithm developed by Netflix called VMAF - Video Multi-Method Assessment Fusion.We tried to tune different CRF values to encode the video clips we used in previous parts. But unfortunately, we found that decreasing the CRF did not increase the VMAF score, it even dropped a little bit. We are not able to do a quality comparison at this moment.Anyway, a feature of x264 called Psy RDO caught our attention: the human eye doesn't just want the image to look similar to the original, it wants the image to have similar complexity. Therefore, we would rather see a somewhat distorted but still detailed block than a non-distorted but completely blurred block. The result is a bias towards a detailed and/or grainy output image, a bit like xvid except that its actual detail rather than ugly blocking.This preference is quite easy to understand, people wear…
Read more

OBS Studio settings for best quality (loseless) recording

-
Image
OBS - Open Broadcaster Software. Change Color Format to RGB. RGB is the color format in which computer hardwares talk, thus loseless. The lose in transformating to YUV is noticeable, especially for color gradients. H.264 video in RGB color format can be played by VLC and other FFmpeg-based players. Choose FFmpeg and select matroska as the container, libx264rgb as the video encoder, flac as the audio encoder.If your video editor does not support RGB format, select other color format and select libx264 as the video encoder.Decrease the keyframe interval if you have trouble playing the recorded video. For 1080p60fps videos, because the bitrate is so high, even though you set the keyframe interval to 60 (default is 250), you may still have trouble playing the video sometimes, That doesn't mean that the video is broken. If you don't care about playing the recorded video or you transcode it later anyway, you can set the keyframe interval to 600.Video Encoder Settings: preset=ultrafas…
Read more

Install VMAF on Fedora, CentOS/Red Hat (RHEL)

-
VMAF - Video Multi-Method Assessment Fusion.Tested on Fedora 28. For CentOS/Red Hat (RHEL), replace dnf with yum.The following commands install dependencies, download source files from github.com and compile VMAF. sudo dnf install gcc gcc-c++ gcc-gfortran freetype hdf5 git \ python2-tkinter python-numpy python-scipy python-matplotlib python-notebook python-pandas python-sympy python-nose python-scikit-learn python-scikit-image python-h5py git clone https://github.com/Netflix/vmaf.git cd vmaf git submodule update --init --recursive make echo export PYTHONPATH="$(pwd)/python/src:$(pwd)/sureal/python/src:$PYTHONPATH" >> ~/.bashrc source ~/.bashrc sudo make install # Optional Install On Other DistrosFor more info, or if you want to install it on Ubuntu or other distros, visit https://github.com/Netflix/vmaf/blob/df1d890eb6a6d0465d8e1b2a35d81fc60a1bd53a/README.md.RelatedAV1 vs VP9 vs AVC (h.264) vs HEVC (h.265): Part I - LosslessAV1 vs VP9 vs AVC (h.264) vs HEVC (h.265): Pa…
Read more