Lesson 4. Directory Ownerships andPermissionsKey Concepts• Because directories are also files, they have a user owner, a group owner, and a set of permissions.• Read permissions allow a user to list the contents of a directory.• Write permissions allow a user to add or remove files.• Execute permissions allow a user to access a file within the directory.• Directory permissions are modified with the chmod command.DiscussionWhen someone is using a file within Linux, they are generally either reading its information, modifyingits information, or trying to execute the file as a script or application. Therefore the permission typesalready discussed, namely (r)ead, (w)rite, and e(x)ecute have very natural interpretations.To Linux, a directory is just a special type of file, therefore it also has the same types of permissions((r)ead, (w)rite, and e(x)ecute), a user owner, a group owner, and the same classes of access ((u)ser,(g)roup, and (o)ther.) However, directories are obviously used differently. Would it be meaningful toopen a directory in an editor, such as pico /home/elvis? Because people use directories differently,directory permissions have different interpretations.What do people do with directories? They list their contents with the ls command. They remove filesfrom them, create new files within them, and move files from one directory to another. Directorypermissions should allow a directory owner to control who can perform which of these operations.Linux considers listing a directory’s contents (as with the ls command) analogous to "read"ing adirectory, and therefore someone must have (r)ead permissions to list its contents. Adding or removing afile from a directory is considered "write"ing to the directory, and therefore someone must have (w)ritepermissions in order to shuffle files within the directory.There is no reasonable analogy to "execute"ing a directory, so Linux doesn’t try to define a similarbehavior. Instead, the e(x)ecute permission controls a behavior for directories which has nothing to dowith command execution. In order to access any file within a directory, a user must have e(x)ecutepermission. This permission could more appropriately be called "access" permission, but because thethird permission was already called "execute" for regular files, the same word (and letter) is used fordirectories as well. In order to refer to any file within a directory (including subdirectories!), a user musthave e(x)ecute permissions.The first row of the following table should look familiar. It restates how to interpret permissions forregular files, as presented earlier. A row for directories has been added in order to compare and contrastpermission interpretation for both file types.Table 4-1. Permissions for Regular Files and Directories(r)ead (w)rite e(x)ecuteregular file view the file modify the file use the file as acommand1Review CopyLesson 4. Directory Ownerships and Permissions(r)ead (w)rite e(x)ecutedirectory list directory contents add or remove files access file within thedirectoryExamplesExample 1. New Directory DefaultsNewly created regular files are readable by everybody, but can only be modified by the user and groupowner of the file. How are newly created directories handled? Consider nero, who is collecting censusdata from his various provinces. He decides to create a directory called /tmp/census to hold all of hisdata.[nero@station nero]$ mkdir /tmp/census[nero@station nero]$ ls -ld /tmp/census/drwxrwxr-x 2 nero nero 4096 Jan 16 15:33 /tmp/census/Why did nero need to add the -d command line switch to the ls command?Note that the default permissions for newly created directories are rwxrwxr-x. These permissions havethe following implications:1. Anyone can access files within the directory.2. Anyone can list the files within the directory.3. Only the directory owner (or members of the group owner) can add or remove files from within thedirectory.For example, decides he would like to browse nero’s census information. Notice that julius can browsethe directories, and the files within the directories, but because of the default directory permissions, hecannot add or remove new files. Because of the default file permissions, he can view, but not modify, thecontents of the files.[julius@station julius]$ ls -al /tmp/census/total 20drwxrwxr-x 2 nero nero 4096 Jan 16 15:48 .drwxrwxrwt 23 root root 4096 Jan 16 15:45 ..-rw-rw-r-- 1 nero nero 42 Jan 16 15:48 egypt.dat-rw-rw-r-- 1 nero nero 42 Jan 16 15:48 gaul.dat-rw-rw-r-- 1 nero nero 42 Jan 16 15:47 iberia.dat[julius@station julius]$ rm /tmp/census/iberia.datrm: remove write-protected regular file ‘/tmp/census/iberia.dat’? yrm: cannot remove ‘/tmp/census/iberia.dat’: Permission denied[julius@station julius]$ echo "110 CE 42" > /tmp/census/thrace.dat-bash: /tmp/census/thrace.dat: No such file or directory[julius@station julius]$ cat /tmp/census/gaul.dat110 CE 45430120 CE 53200130 CE 55820[julius@station julius]$ echo "140 CE 583420" >> /tmp/census/gaul.dat-bash: /tmp/census/gaul.dat: Permission deniedrevision 2003.01.30 draft 2Review CopyLesson 4. Directory Ownerships and PermissionsExample 2. Home DirectoriesNotice that a user’s home directory does not follow the default permissions.[nero@station nero]$ ls -ld ~drwx------ 3 nero nero 4096 Jan 16 16:04 /home/nero[nero@station nero]$ ls -l /home/total 120drwx------ 3 alice alice 4096 Jan 15 08:04 alicedrwx------ 3 augustus augustus 4096 Jan 14 15:22 augustusdrwx------ 3 austin austin 4096 Jan 14 15:22 austindrwx------ 3 blondie blondie 4096 Jan 14 13:46 blondie...[nero@station nero]$ ls -l ~augustusls: /home/augustus: Permission deniedIn Red Hat Linux, home directories are "protected". By default, only the user that owns a home directoryhas access. Have you noticed that most of our exercises involving multiple users accessing a file haveused the /tmp directory rather than a user’s home directory? Why have we not used a user’s homedirectory instead?Example 3. Creating a ~/pub DirectoryNero would now like to make his census data available to the world at large. In Red Hat Linux, there aregenerally only two places where users can create files, the /tmp directory and ~ (the user’s homedirectory.) In the first example, nero chose to create a census directory within /tmp. In Red Hat Linux,however, the /tmp directory is "swept." If a file within the /tmp is not accessed for 10 days, it isremoved from the system.In order to create a permanent,