Permissions: What they are and mean in Easy OS?

[hundido]

I need to change the permissions on an internal storage drive I set up in my computer.

I'm trying to understand the options.

Permissions mean who the operating system allows to do what in a directory or file, right?

(This is the space I might put a summary/notes, if someday I understand this well enough to do so. Edited b/c I realize I might not understand this well enough to make the summary I'd like to make)

From /mnt/sda1, if I Left Click, Dir"Documents">Properties, I see I can choose Read, Write, and Execute for Owner, Group, and World.

Is Owner the Easy OS install on a USB that I'm using now?
Who is Group?
Who is World?
Would Group or World include the other OS installations I have on this computer?

What's the difference between those options, and the ones found under Dir"Documents">Permissions?

Thank you, kind forum friends, for your insights and answers.

[wiak]

Three identities are involved: OwnerGroupWorld

three sets of permissions for each, being read (r), write (w) and execute rights (x). A dash means that permission for that identity is not set.

Example: Say you have a /mnt/home/DirectoryA that command ls -al tells you has the following permissions set on it:

Code: Select all

rwxr-x---

That means the user owner assigned to that directory can (rwx) read, write and/or execute (allowing that owner to also cd into the directory)
Members of the group assigned to that directory can only (r-x) read or execute but not write (e.g. rename it).
People who are neither the user owner nor in that group (i.e. Everyone else in the World) that has some assigned rights above just get permissions ---, which means they can neither read, write nor execute, so no rights at all to that DirectoryA resource.

For example, if you are user 'spot' and want spot to be able to read, write, execute to that DirectoryA, one way would be to make them 'own' it (i.e. become its owner). As root admin you could arrange that via command:

Code: Select all

chown -R spot:spot /mnt/home/DirectoryA

I included the -R in case DirectoryA contained other files and subdirectories and you want spot to own all of these. -R means (Recursive) setting all their permissions such that spot owns them all...

Of course you can also use chmod command (various options) to instead assign different permissions to the different OwnerGroupWorld identities.
For example:

Code: Select all

chmod +x /mnt/home/DirectoryA

doesn't mention 'who' so basically gives execute permission to everyone of OwnerGroupWorld.

Naturally, there are UNIX/Linux commands to create new groups and new users and chmod user details to make them members of whatever groups you want and set permissions as you then want to via chown and/or chmod commands. Just takes practice to get used to it. One warning is that several files are often involved under the hood nowadays; in the past it was common just to edit files such as /etc/passwd and /etc/group but because of various security techniques (such as shadow passwd file) it is better to leave utilities designed to change owners and groups and so on to do the actual configurations for you. i.e. the likes of chown, chmod, useradd, groupadd, and similar - sometimes its adduser... busybox binary provides most of these though with limited (sometimes different) options than, for example, man chmod would reveal for core utils (often that version is a binary stored in /usr/bin/chmod or similar whereas busybox chmod is a busybox builtin accessed usually via a symlink called chmod.

Even on Puppy, it is well worth understanding and using permissions like above since allows you to give spot more locations where it can save and access files than would be provided by default. Also makes it easy using a full multiuser system when you otherwise only had experience being root user with full admin rights all the time; it is not difficult to admin a system as a normal user once you master how permissions, resource ownership works - even sudo becomes less of a pain once you set it up to not need any passwords for certain groups or individual users (since as a Puppy user you already declared that you are happy working as a full admin root user in terms of permissions and security...).

Much the same as the above applies to files (in fact directories are just a type of special file really). Main difference is execute permission on a file allows you to run that as a program (assuming it is one, or a shell script for example) whereas both r and x permissions are needed to cd into a directory.

Don't panic if you first make a mess of setting up permissions for OwnerGroupWorld to a resource, you can always change the whole thing back again to be owned by root user with:

chown -R root:root path_to_resource

and then, as root user (or someone with such admin rights), use chmod command to assign whatever permissions you want. But it is pretty easy to set up any file or directory (and its contents if you wish using -R) for use by user spot anyway.