By Konstantinos Patronas

Linux: chmod awesome tips and tricks

chmod tips and tricks!

Linux: chmod awesome tips and tricks
Photo by Gabriel Heinzer on Unsplash

One of the most common tasks in Linux is setting file permissions, on this article we will explore some cool tips on how to do you job easier!

umask

By default, on Linux the default file permissions are 666 for files and 777 for directories (execute permission on a directory means to cd and ls files inside the directory); but there is also the umask value which allows us to modify the default permissions. umask is by default 0022 which means that the effective permissions for new files are 666–022 = 644 and 777–022=755 for directories. To modify the default umask value globally we must add it to a global configuration file like /etc/profile , for per user umask settings to a local configuration file like ~/.bashrc ; the entry should be something like this. In most cases there is no reason to change the default value of umaskumask 022

By default, on Linux systems, the default creation permissions are 666 for files, which gives read and write permission to user, group, and others, and to 777 for directories, which means read, write and execute permission to user, group, and others. Linux does not allow a file to be created with execute permissions.

Reset file permissions

As we said default file permissions in Linux without changing the default umask value of 0022 is 0644 ; if we need to reset the file permissions for a file we can just chmod 664 <file> but if we want to do this on a recursive basis or based criteria like modification or access time we can use the find command to help us.find . -type f -exec chmod 0644 {} \;

Reset directory permissions

For directories the default file permission is 755 assuming that umask is 022 , with the same logic as the above we can reset the directory permissions using find but only for directories using the -type d parameter.find . -type d -exec chmod 0755 {} \;

Makes the permissions of file2 the same as file1

This is really cool! many times i need to copy the permissions of one file to another which can be error prone! fortunately chmod has a built in functionality to do thischmod --reference file1 file2

SUID

Setting the Set User ID bit allows any user to execute a program with the as owner of the program, create the following set_uid.c file#include <stdio.h>
#include <unistd.h>
int main () {
 int real = getuid();
 int euid = geteuid();
 printf("The REAL UID =: %d\n", real);
 printf("The EFFECTIVE UID =: %d\n", euid);
}

Compile the filegcc -o set_test set_test.c

This will produce an executable file named set_test, Lets change the ownership of this file to the root usersudo chown root: ./set_test

Now the owner is root-rwxr-xr-x  1 root      root       17K May  8 20:33  set_test

if we try to run this file as a regular user will print that the real UID is the same as the effective UID, the effective UID defines that the program runs with the rights of the effective user.kpatronas@prometheus:~$ ./set_test
The REAL UID =: 1000
The EFFECTIVE UID =: 1000

Lets do a change to the Set User ID bit to allow this script to be executed as root (the owner of the file) from by any user.kpatronas@prometheus:~$ sudo chmod u+s ./set_test
kpatronas@prometheus:~$ ./set_test
The REAL UID =: 1000
The EFFECTIVE UID =: 0

The effective UID is now 0 which is the UID of the root user, the owner of the file, using this way we can run a program as any user without using the sudo command.

We can identify programs that have their Set User ID, note the s in the user rights-rwsr-xr-x  1 root      root       17K May  8 20:33  set_test

I hope you found this article useful :)