As we dig deeper into the objectives for the LPIC-3 303 exam we now start to look at the discretionary access control lists. This makes up the mode and ACL of a file. The original permissions are known as the file’s mode which were eventually enhanced with ACLs, Access Control Lists. The mode of a file allows for a single user and group to be listed along with others; whereas an ACL allows for multiple users and groups to be listed.
We start by looking at the standard permissions or mode of a file and how we can read Linux file permissions. By this stage you probably can use the command ls -l to read file permissions but you will also learn to use stat to list the octal, symbolic and raw modes of a file.
$ ls -l file1 -rw-rw-r--. 1 centos centos 0 Jun 19 15:56 file1
The long listing of a file will show the symbolic permissions granted to the user, group and others. The user’s permissions listed first then the group before listing permissions granted to others.
Read Linux File Permissions with stat
We can also read Linux file permissions with the command stat:
$ stat file1
The output is quite verbose and not listed here but we can narrow down to what we want.:
$ stat -c %A file1 -rw-rw-r--
$ stat -c %a file1 664
Here we can see the mode in both the symbolic notation and octal notation. We may think that the octal notation is the way the mode is stored in the meta-data but this would be incorrect. There is a raw mode and stores both the mode and the file type. To view this we use:
$ stat -c %f file1 81b4
The output is in HEX. To view this in a more familiay way lets pass it through the command printf:
$ printf "%o\n" 0x81b4 100664
The first 10 represents the file type, a regular file ion this case. A directory would show as 4 in place of the 10. The file’s mode is 0664 being rw rw and r. To be honest the ls -l command works well but it is good to know the stat command when you need to dig a little deeper.