coreutils: Mode Structure

27.1 Structure of File Mode Bits
================================

The file mode bits have two parts: the “file permission bits”, which
control ordinary access to the file, and “special mode bits”, which
affect only some files.

   There are three kinds of permissions that a user can have for a file:

  1. permission to read the file.  For directories, this means
     permission to list the contents of the directory.
  2. permission to write to (change) the file.  For directories, this
     means permission to create and remove files in the directory.
  3. permission to execute the file (run it as a program).  For
     directories, this means permission to access files in the
     directory.

   There are three categories of users who may have different
permissions to perform any of the above operations on a file:

  1. the file’s owner;
  2. other users who are in the file’s group;
  3. everyone else.

   Files are given an owner and group when they are created.  Usually
the owner is the current user and the group is the group of the
directory the file is in, but this varies with the operating system, the
file system the file is created on, and the way the file is created.
You can change the owner and group of a file by using the ‘chown’ and
‘chgrp’ commands.

   In addition to the three sets of three permissions listed above, the
file mode bits have three special components, which affect only
executable files (programs) and, on most systems, directories:

  1. Set the process’s effective user ID to that of the file upon
     execution (called the “set-user-ID bit”, or sometimes the “setuid
     bit”).  For directories on a few systems, give files created in the
     directory the same owner as the directory, no matter who creates
     them, and set the set-user-ID bit of newly-created subdirectories.
  2. Set the process’s effective group ID to that of the file upon
     execution (called the “set-group-ID bit”, or sometimes the “setgid
     bit”).  For directories on most systems, give files created in the
     directory the same group as the directory, no matter what group the
     user who creates them is in, and set the set-group-ID bit of
     newly-created subdirectories.
  3. Prevent unprivileged users from removing or renaming a file in a
     directory unless they own the file or the directory; this is called
     the “restricted deletion flag” for the directory, and is commonly
     found on world-writable directories like ‘/tmp’.

     For regular files on some older systems, save the program’s text
     image on the swap device so it will load more quickly when run;
     this is called the “sticky bit”.
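
   The layout described above, as an added example that is not part of
the coreutils manual: it splits a mode into the three permission sets
and the three special bits, then reports the combinations a reviewer
usually wants to look at.  The names ‘decode_mode’, ‘audit_mode’ and
‘SAMPLES’ are hypothetical, and the sample modes are constructed.

```python
import stat

# (bit, name) pairs for the three special mode bits, named as in the text above.
SPECIAL = [(stat.S_ISUID, "set-user-ID"), (stat.S_ISGID, "set-group-ID"),
           (stat.S_ISVTX, "restricted deletion flag / sticky")]
CATEGORIES = [("owner", 6), ("group", 3), ("other", 0)]  # shift of each rwx triple


def decode_mode(mode):
    """Split a mode into rwx strings per user category plus the special bits set."""
    perms = {}
    for name, shift in CATEGORIES:
        triple = (mode >> shift) & 0o7
        perms[name] = "".join(c if triple & b else "-" for c, b in (("r", 4), ("w", 2), ("x", 1)))
    return perms, [label for bit, label in SPECIAL if mode & bit]


def audit_mode(mode):
    """Return review findings for one st_mode value (file type bits included)."""
    findings = []
    executable = mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH)
    if stat.S_ISREG(mode) and executable:
        if mode & stat.S_ISUID:
            findings.append("executes with the file owner's effective user ID")
        if mode & stat.S_ISGID:
            findings.append("executes with the file group's effective group ID")
    if stat.S_ISDIR(mode):
        if (mode & stat.S_IWOTH) and not (mode & stat.S_ISVTX):
            findings.append("world-writable directory without restricted deletion flag")
        if mode & stat.S_ISGID:
            findings.append("new files take the directory's group on most systems")
    return findings


# Constructed sample modes (file type | permission bits), not taken from a real system.
SAMPLES = {
    "setuid program": stat.S_IFREG | 0o4755,
    "/tmp-style directory": stat.S_IFDIR | 0o1777,
    "open drop directory": stat.S_IFDIR | 0o0777,
    "shared group directory": stat.S_IFDIR | 0o2775,
    "ordinary file": stat.S_IFREG | 0o644,
}

if __name__ == "__main__":
    for label, mode in SAMPLES.items():
        perms, special = decode_mode(mode)
        print(f"{label}: {stat.filemode(mode)} {perms} special={special}")
        for finding in audit_mode(mode):
            print(f"  review: {finding}")
```

   To check a real file, pass ‘os.lstat(PATH).st_mode’ to ‘audit_mode’.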

   In addition to the file mode bits listed above, there may be file
attributes specific to the file system, e.g., access control lists
(ACLs), whether a file is compressed, whether a file can be modified
(immutability), and whether a file can be dumped.  These are usually set
using programs specific to the file system.  For example:

ext2
     On GNU and GNU/Linux the file attributes specific to the ext2 file
     system are set using ‘chattr’.

FFS
     On FreeBSD the file flags specific to the FFS file system are set
     using ‘chflags’.

   Even if a file’s mode bits allow an operation on that file, that
operation may still fail, because:

   • the file-system-specific attributes or flags do not permit it; or

   • the file system is mounted as read-only.

   For example, if the immutable attribute is set on a file, it cannot
be modified, regardless of the fact that you may have just run ‘chmod
a+w FILE’.