- A user may be a member of multiple groups.
- A file is be owned by exactly one group and one user.
- If the user is a member of the file's owner group (i.e., group
foo
owns the file and one of the user's groups is foo
), then the respective group permissions apply to that user (unless overridden by the owner permissions).
The owner group is part of the file's ownership. Consider:
$ stat /usr/bin/crontab
File: ‘/usr/bin/crontab’
Size: 35984 Blocks: 72 IO Block: 4096 regular file
Device: 803h/2051d Inode: 131439 Links: 1
Access: (2755/-rwxr-sr-x) Uid: ( 0/ root) Gid: ( 103/ crontab)
Access: 2015-02-05 20:20:43.438507538 +0530
Modify: 2013-02-09 12:32:23.000000000 +0530
Change: 2014-09-30 19:22:09.508515013 +0530
Birth: -
This states that the file's ownership is with user root
and group crontab
.
Say I'm member of group A, group B, and group C.
Now I create a file somewhere. ... [To] which group get's the owner_group permissions applied ?
That depends on what your primary group is at the time you created that file. The primary group is the first one listed when you run the groups
command. Usually, this is determined by your GID. However, you can temporarily set one of your other groups as primary using the newgrp
command. For example:
$ groups
muru adm cdrom sudo dip plugdev lpadmin sambashare
$ rm foo; touch foo
$ stat -c %G foo # this prints the owner group of the file
muru
$ newgrp sudo
$ rm foo; touch foo
$ stat -c %G foo
sudo
I have the distinct feeling I don't really understand something here, or that I misunderstand the meaning of the term "owner group".
That the owner group is an attribute of the file, not the user.
I understand the string (after the first char) is partitioned into groups of 3 (rwx) for
owner
owner_group
all/world/anyone
Slightly off: the third field is others, not all. Others covers everyone except the owner of the file and members of the owner group of the file. The distinction comes into play when using symbolic modes with chmod
:
chmod a-x
takes away everyone's execute permissions
chmod o-x
takes away everyone else's execute permission, while leaving the owner and owner group's execute permission untouched.
Lastly, a note on user private groups. UPGs are fairly common on desktop systems, but do not take them for granted elsewhere. If UPGs are enabled, it is likely that the user's primary group and username have the same numeric id and name, and there is a unique group for each user. That is all.
Best Answer
as mentioned above there are 3 sections to the permissions for an example which may be easier to understand here is how it is broken down
say root is the owner/user of the file say video is the group and then as mentioned there is the world/other section which covers anyone that doesn't fit in the first two.
Now if the file has permissions like
Then the root user would have full read write control over the file. Any user in the video group (user1) would have read permissions but would not have access to modify the file. Anyone else would not even be able to view the contents of the file.
as mentioned sudo chmod can be used to change the permissions of a file. Usage of chmod is too large to explain here but a simple breakdown is like this:
so if you wanted to set a file so that the user/owner of the file can have full access and you wanted the group to have read and be able to execute the file (such as a script) and you wanted everyone else only be able to execute the file the command would be:
to remove a permission you just use a minus instead of the plus... so if you decided that you didn't want "world/other" to be able to execute that file you would just use
You will also see numbers used at times and I would actually have to look those up but basically I know that 7 is full permissions so if you did:
it would set the permissions to read write execute for user (first seven) group (second 7) and world/other (third 7).
There is also a recursive code (-R note the capitalization it must be uppercase) .. if you wanted to change all the files in one directory and its sub-directories (be careful with this command because if you type the wrong path you can set permissions for files you may not want to touch) but it would look something like this:
this would change the permissions for the folder blah, all the files and all its sub-directories and files to have full read/write/execute for anyone.
Hope this gives you a better understanding of chmod and permissions. If you need more you can just do a search on chmod commands and you should find the information you need