Setting Default File Permissions
From PHASTA Wiki
This page will review how to set default file permissions for a directory. This is often used when working in HPC "scratch" directories where members of the same research group (like us) want to give each other some default file permissions on every file created in those directories, regardless of who created them.
Basics of Unix/POSIX File Permissions
What are they?
- All files and directories have permissions assigned to them
- All files and directories have designated user and group "owners", known as the file owner and file group respectively
  - By default, these are the user and group that created the directory/file, but this can be changed using `chown`
- There are three different "levels" of file permissions in standard POSIX: read (`r`), write (`w`), and execute (`x`).
  - Read allows viewing the contents of the file/directory, and copying the files
  - Write allows rewriting and deleting files. For a directory with write permissions, it also allows creation of subdirectories and creation of new files
  - Execute allows files to be executed directly.
    - Note that script files (such as `bash` or `python` scripts) can still be run by passing the file to its interpreter if the file is readable (i.e. `bash non_executableScript.sh` is still possible if `non_executableScript.sh` has `rw-` permissions).
- These different levels of file permissions are assigned to three different groups of users: "users", "groups", and "others".
  - "Others" simply refers to any users that don't fall into the other two categories
As an example, if you run `ls -l` on a directory, you might see:

```
drwxr-x---+ 2 jrwrigh7 a1983 4.0K 2020-07-04 08:09 test2
-rw-r-x---+ 1 jrwrigh7 a1983   38 2020-07-02 12:38 test2file
lrwxrwxrwx  1 jrwrigh7 a1983    9 2020-07-04 08:40 test2fileLink -> test2file
```

The first block (`-rw-r-x---+`) shows the permissions for the file. The user owner is shown as `jrwrigh7` and the group owner is `a1983`.
Permissions Block
- The first character displays what kind of file it is, be it a link (`l`), directory (`d`), regular file (`-`), etc.
- The next 9 characters show the permissions for the file owner, file group, and "others".
- The last character is optional. A `+` means that there are other permission rules not displayed. This is where ACL rules come into play.
See the ls coreutils manual for more information on the 'long' format for `ls`.
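As an added example (not part of the original wiki page), the following Python parser decodes the permissions block described above and is run over the three `ls -l` entries from this page's listing. The function names are hypothetical, the input is assumed to use the eight-column layout shown on this page, and the handling of `s`/`S`/`t`/`T` (setuid, setgid, sticky) goes beyond what the page covers.

```python
# Added example: decode the permissions block of an `ls -l` line.
FILE_TYPES = {"-": "regular file", "d": "directory", "l": "symlink",
              "c": "character device", "b": "block device",
              "p": "named pipe", "s": "socket"}

def _triplet(chars, special):
    """Return (rwx value 0-7, special-bit flag) for one 3-character class."""
    r, w, x = chars
    if r not in "r-" or w not in "w-" or x not in "x-" + special + special.upper():
        raise ValueError(f"bad permission triplet: {chars!r}")
    value = (4 if r == "r" else 0) + (2 if w == "w" else 0)
    # Lowercase s/t: execute bit plus special bit; uppercase: special bit only.
    value += 1 if x in ("x", special) else 0
    return value, x.lower() == special

def parse_mode(block):
    """Parse e.g. 'drwxr-x---+' into file type, octal mode and ACL flag."""
    if len(block) not in (10, 11) or block[0] not in FILE_TYPES:
        raise ValueError(f"not an ls -l permissions block: {block!r}")
    user, setuid = _triplet(block[1:4], "s")
    group, setgid = _triplet(block[4:7], "s")
    other, sticky = _triplet(block[7:10], "t")
    special = 4 * setuid + 2 * setgid + 1 * sticky
    return {
        "type": FILE_TYPES[block[0]],
        "octal": f"{special}{user}{group}{other}",
        "acl": block[10:] == "+",  # trailing '+': rules beyond these 9 bits exist
    }

# The three entries from this page's listing.
SAMPLE = """\
drwxr-x---+ 2 jrwrigh7 a1983 4.0K 2020-07-04 08:09 test2
-rw-r-x---+ 1 jrwrigh7 a1983 38 2020-07-02 12:38 test2file
lrwxrwxrwx 1 jrwrigh7 a1983 9 2020-07-04 08:40 test2fileLink -> test2file
"""

def parse_listing(text):
    """Map each file name to its decoded mode plus the owner and group columns."""
    out = {}
    for line in text.splitlines():
        mode, _links, owner, group, _size, _date, _time, name = line.split(None, 7)
        out[name.split(" -> ")[0]] = dict(parse_mode(mode), owner=owner, group=group)
    return out

if __name__ == "__main__":
    for name, info in parse_listing(SAMPLE).items():
        print(name, info)
```

An entry whose `acl` flag is true has effective permissions that the nine displayed bits alone do not describe, so the octal value should not be read as the full access picture for that file.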