Understanding Linux File Permissions and User Groups

During testing, managing file and user/group permissions is essential, and this guide summarizes the relationship between files, users, and groups on Linux systems.

1. Basic concepts

User group concept – In a team development scenario, two groups (test1 with users 1‑3 and test2 with user 4) are created so that members of one group can modify each other's files while other groups cannot see those files.

The diagram shows two groups (group1 and group2) and the permissions for group1's users.

File permissions – For group1 the permission string is -rwxrwx--- , where each character set represents owner, group, and others permissions respectively. File types (‑, d, l, b, c) are also mentioned.

rwx

rwx

---

Current owner permissions (User)

Group permissions (Group)

Other permissions (Others)

2. Specific usage

2.1 Create groups and users

# groupadd test1

# cat /etc/group   # view group info

# useradd -g test1 user1

# cat /etc/passwd   # view user info

2.2 Change file ownership and group

Commands:

# chgrp

# chown

# chmod

Example:

# chgrp users install.log

Note: The group must exist in /etc/group or the command will fail.

2.3 chmod examples

Method 1 – numeric mode: # chmod 577 filename changes permissions from rwxrwxrwx to r-xrwxrwx .

Method 2 – symbolic mode: # chmod u-w filename removes write permission for the owner.

2.4 Additional group management commands

groupdel – delete a group

groupmod – modify a group

groups – list groups of a user

grpck – verify group file integrity

grpconv – synchronize /etc/group and /etc/gshadow

grpunconv – reverse synchronization

3. Meaning of the "ll" command output

The displayed table shows file attributes such as type (d, -, l, b, c), link count, owner, group, size, modification date, and name.

4. Significance of permissions

File permissions – read (r) allows viewing content, write (w) allows modifying content, execute (x) allows running the file; execution depends on file attributes, not the name.

Directory permissions – read (r) lists directory contents, write (w) allows creating/deleting/renaming entries, execute (x) permits entering the directory.

Understanding user/group relationships and file permissions greatly improves workflow efficiency.