Oracle Linux Basic Administration Series - Part 5 - How to Manage File Permissions and Ownership in Oracle Linux

File permissions and ownership are at the heart of Linux security and system management. Every file and directory in Oracle Linux has a set of permissions and ownership attributes that determine who can read, write, or execute it.

In this blog, you’ll learn how to:

• View and understand file permissions

• Change permissions using chmod

• Change ownership using chown and chgrp

• Work with special permissions like SUID, SGID, and the sticky bit

  
  

Step 1: Understanding File Ownership

Each file in Linux has:

1. Owner (User): who created or owns the file.

2. Group: users who share access rights.

3. Others: everyone else on the system.

To view file ownership and permissions:

ls -l

Example output:

Breakdown:

• -rw-r-r-- → permissions

• alice → owner

• developers → group

• 1234 → file size

• report.txt → file name

  
  

Step 2: Understanding Permission Structure

Each file permission string (e.g., -rw-r--r--) is divided into 4 parts:

Combine values to set permissions numerically.

Example:rw- = 4+2 = 6r-- = 4r-x = 5

So:

rw-r--r-- = 644
rwxr-xr-x = 755

Step 3: Changing Permissions with chmod

Use chmod to change file or directory permissions.

Using symbolic mode:

chmod u+x script.sh

Adds execute permission for the user (owner).

Other examples:

chmod g+w report.txt   # Add write permission for group
chmod o-r file.txt     # Remove read permission for others

Using numeric mode:

chmod 755 script.sh

Step 4: Changing File Ownership with chown

To change the owner of a file:

sudo chown newuser file.txt

Example:

To recursively change ownership of a directory:

sudo chown -R joe:developers /data

Step 5: Changing Group Ownership with chgrp

You can also change group ownership using chgrp:

sudo chgrp developers file.txt

Step 6: Default Permissions and umask

When new files or directories are created, they get default permissions determined by umask.

View your current umask:

umask

Default permissions are calculated as:

777 (dirs) or 666 (files) - umask

So, for 0022:

• New directories → 755

• New files → 644

To temporarily change umask:

umask 0027

Step 7: Special Permissions (SUID, SGID, Sticky Bit)

SUID (Set User ID)

When applied, a program runs with the owner’s privileges.

Example:

chmod u+s /usr/bin/someprogram

You’ll see an s in the owner field (-rwsr-xr-x).

SGID (Set Group ID)

Files created in a directory inherit the group of the directory.

Example:

chmod g+s /shared

You’ll see an s in the group field (drwxr-sr-x).

Sticky Bit

Prevents users from deleting others’ files in shared directories (like /tmp).

Example:

chmod +t /shared

Step 8: Verify Changes

To confirm permissions and ownership:

ls -l

To check numeric permissions:

stat file.txt

Example:

Access: (0644/-rw-r--r--)  Uid: (1001/alice)   Gid: (1001/developers)

Conclusion

You’ve now been through the essentials of file permissions and ownership in Oracle Linux.

This knowledge ensures your system is secure and that only authorized users can access or modify critical files.

In the next post, I will cover how to manage system services with systemctl, the modern way to control background processes and startup behavior in Oracle Linux.