UNIX / Linux: Explain The Nine Permissions Bits On Files

Author: Last updated: February 24, 2010 1 comment

Can you completely explain the nine permissions bits on UNIX or Linux files?

Each file in UNIX or Linux has the nine permission bits as follows:
ls -l /etc/hosts
Sample outputs:

ADVERTISEMENTS

-rw-r--r-- 1 root root 401 2009-12-20 12:08 /etc/hosts

The Entry Type

There are total 10 bits -rw-r–r–:
The file mode printed under the -l option consists of the entry type (1st bit) and the permissions (9 bits). The entry type character describes the type of file, as follows:

  1. Regular file.
  2. b Block special file (stored in /dev).
  3. c Character special file (stored in /dev).
  4. d Directory.
  5. l Symbolic link.
  6. p FIFO.
  7. s Socket.
  8. w Whiteout.

Examples

Show directory type with the ls command:
ls -ld /etc
Sample outputs:

drwxr-xr-x 170 root root 12288 2010-02-24 11:39 /etc

Show block device type (hard disk) with the ls command:
ls -l /dev/sda
Sample outputs:

brw-rw---- 1 root disk 8, 0 2010-02-24 11:32 /dev/sda

The Permissions Bits

The next three fields are three characters each for

  • File owner permissions
  • File group permissions
  • Other permissions (not part of both owner or group)

Each field has three character positions as follows:

  1. r : The file is readable; if – it is not readable.
  2. w : the file is writable; if -, it is not writable.
  3. S : If in the owner permissions, the file is not executable and set-user-ID mode is set. If in the group permissions, the file is not executable and set-group-ID mode is set.
  4. s : If in the owner permissions, the file is executable and set-user-ID mode is set. If in the group permissions, the file is executable and set group-ID mode is set.
  5. x : The file is executable or the directory is searchable.
  6. : The file is neither readable, writable, executable, nor set-user-ID nor set-group-ID mode, nor sticky.

These next two apply only to the third character in the other permissions.

  1. T The sticky bit is set (mode 1000), but not execute or search permission.
  2. t The sticky bit is set (mode 1000), and is searchable or executable.

References:

  • ls command man page
🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
UP NEXT
CategoryList of Unix and Linux commands
File Managementcat
FirewallCentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNCentOS 8 Debian 10 Firewall Ubuntu 20.04

ADVERTISEMENTS
1 comment… add one
  • Dinesh Feb 10, 2011 @ 7:43

    It understands very well.

    Could you please elaborate about small t and big T and same for small s and big S?

    Reply Link

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.

Next FAQ:

Previous FAQ: