Ubuntu - managing files & directories with appropriate permission
Published on: 22nd Apr 2014
Updated on: 16th Jul 2025
Overview
Unlike Windows or Ubuntu desktop, the Ubuntu server is able to manage with a console without GUI (graphical user interface). This can be challenging for the first time in accessing the server through the black color console. Nonetheless, managing the file and directory through console is quite easy to learn.
File & directory operations
-
Jump to my home directory,
cd ~/
-
To create directory,
mkdir my_new_directory
-
To remove directory including the sub-directories,
rm -r my_directory
-
To edit a text file, we are using
nano
text editor and here's how we use this text editor.nano filename
Or if the file requires root permission,
sudo nano filename
-
To copy file/directory,
cp from_file to_file
To copy some files into another directory,
cp myfile* /to/another/directory/
-
To rename or move file/directory,
mv old_name new_name
File & directory permissions
-
To change user's home directory,
sudo usermod -d /home/newdirectory -m ftpuser
-
chmod
(change mode) command - for changing the file or directory access permission.-
Using numeric form of permission:
-
To change a directory or file permission (where '777' is full access to everyone - refers to the Reference section in this topic).
chmod 777 my_directory
Or using
sudo
if root permission is requiredsudo chmod 777 my_directory
-
chmod
manages file and directory from three different user perspective aside from the access right, where- 'Owner' is the first number (7 in this case).
- 'Group' is the second number (7 in this case).
- 'Others' (or anyone else) is the third number (7 in this case).
And each flag has three types of access right or action,
- Read (value of 4)
- Write (value of 2)
- Execute (value of 1)
- where
7
is full access (i.e., the sum of1 + 2 + 4
).0
means no access at all.
Notes: if you have a bash file (with
.sh
file extension) that does not have execute access right, then, you will not be able to execute that bash file.
-
-
Using short code form of permission:
-
Grant the write permission to the user,
sudo chmod -R u+w my_path sudo chmod -R +w my_path
Both the commands has the same effect and '-R' means recursive.
-
Grant the write permission to the group,
sudo chmod -R g+w my_path
-
Grant the write permission to the others,
sudo chmod -R o+w my_path
-
OR grant write permission by combining user (u) and group (g),
sudo chmod -R ug+w my_path
-
Here's the notes in the manual,
Each MODE is of the form '[ugoa]*([-+=]([rwxXst]*|[ugo]))+|[-+=][0-7]+'.
where
- 'u' - user.
- 'g' - group
- 'o' - other ('the world')
- 'a' - same as the combination of
ugo
. - 'r' - read permission
- 'w' - write permission
- 'x' - execute permission if it a file or allows access if it is a directory. If you remove 'x' from a directory,
ls
command will return 'Permission denied' error. - 'X' - (capital X) is to allows access a directory and it has no effects on any file.
- 's' - set the execution bits. For example,
sudo chmod g+s /home/user1
will set the current ACL to be inherited to the new files. - 't' - the sticky bit that restricts the directory content to be managed by the owner or root. For example, a sub directory cretated in
/tmp
where/tmp
may have directory created by many programss.
-
-
There is a sticky bit that can be set in a directory where it restricts the directory content to be managed by the owner or root. For example, a sub directory cretated in
/tmp
where/tmp
may have directory created by many programss.For example, the 'temp' directory is accessible by managed by the directory owner
sudo chmod -R 1777 /var/www/app/crm/temp sudo chmod -R a=rwx,o+t /var/www/app/crm/temp2
-
-
We use
chown
command to change the directory/file owner to current user,sudo chown -R $(whoami) my_directory
Or change the owner to 'tester' (an user ID),
sudo chown -R tester my_directory
Or change the owner to 'tester' and group ('officeusers'),
sudo chown -R tester:officeusers my_directory
-
16.Jul.2025: the following script is to remove the file execution permission. This is an important step to secure your server because we don't want that all files that has execution permission.
We create a bash file called
update-perm
with the following contents:#!/bin/bash # set the permission. # - for directory, allows read/write and sub-dir is accessible. # - for file, allows read/write without execute perm. if [ -z $1 ]; then echo "Missing the directory name to be set" exit fi find $1 -type d -exec chmod 775 {} \; find $1 -type f -exec chmod 664 {} \;
- For the directory type, we will set the permission to 775 which will grant full access to the mentioned user ID (the first digit is '7') and the group (the second digit is'7'). Then, anyone other than the mentioned user id and group will be able to access the directory but not allow to make any changes (the third digit is '5' means allows read and execute, ie allows to access the directory and retrieve the contents).
- For the file type, we allows the mentioned user ID (the first digit is '6') and group (the second digit is '6') to be able to read and write the file. For anyone other than the mentioned user ID and group (the third digit is '4'), they will be able to read but not write.
To use this script, you may pass a directory and all sub-directories and files will have limited permission.
./update-perm /var/my-app-directory
With this script, you don't have to type the lengthy commands and it helps to standardize the file permission.
User storage quota
22.Sep.2022: Enable the storage quota for the user.
-
If the user is allowed in accessing the server storage, you may want to limit their usage by setting a quota for them.
sudo apt update sudo apt install quota
-
To confirm that the quota feature has been installed, run this:
quota --version
-
Make sure that the quota module is in the OS.
find /lib/modules/ -type f -name '*quota_v*'
In my virtual machine, I have this result,
/lib/modules/5.4.0-65-generic/kernel/fs/quota/quota_v2.ko /lib/modules/5.4.0-65-generic/kernel/fs/quota/quota_v1.ko /lib/modules/5.4.0-97-generic/kernel/fs/quota/quota_v2.ko /lib/modules/5.4.0-97-generic/kernel/fs/quota/quota_v1.ko
In case the file does not exist, try this:
sudo apt install linux-image-extra-virtual
This is for AWS server,
sudo apt install linux-modules-extra-aws
-
Edit the file system configuration,
sudo nano /etc/fstab
Replaced the 'defaults' word with 'usrquota,grpquota'.
UUID=c474e3a1-a40f-4a66-becf-1fa084f95832 / ext4 usrquota,grpquota 0 0
Notes: you may have different UUID value and it is ok.
-
After that, we will have to remount the file system with the following command,
sudo mount -o remount /
To verify the changes, run the following command.
cat /proc/mounts | grep ' / '
I see the following result.
/dev/sda2 / ext4 rw,relatime,quota,usrquota,grpquota 0 0
Notes: you may have different value of '/dev/sda2' and it is ok.
-
Now, we are ready to turn on the quota module,
sudo quotacheck -ugm /
Where 'u' is user, 'g' is group and 'm' is no remount.
For more information about the paramters, please refers to https://manpages.ubuntu.com/manpages/bionic/man8/quotacheck.8.html
This generates 2 files (aquota.group and aquota.user):
tester@ubuntu11:~$ ls -la / total 132 drwxr-xr-x 23 root root 4096 Sep 22 10:36 ./ drwxr-xr-x 23 root root 4096 Sep 22 10:36 ../ -rw------- 1 root root 10240 Sep 22 10:36 aquota.group -rw------- 1 root root 8192 Sep 22 10:36 aquota.user drwxr-xr-x 2 root root 12288 Feb 3 2022 bin/ drwxr-xr-x 3 root root 4096 Feb 3 2022 boot/ ...
-
Reboot the server. This is to ensure that the server is able to start normally after the above changes.
-
Finally, you may set the quota for the user. In the following example, I'll allocate 1GB storage space to myftpuserid account.
sudo setquota -u myftpuserid 1G 1.2G 0 0 /
Notes: the first 1G is the soft limit and then the 1.2G is the hard limit. The last two zero is to limit by the number of files.
-
In case you want to review the quota usage, run the following commands.
sudo repquota -s /
References
-
For more details about
chmod
command: -
For more details about
chown
command: -
How To Set Filesystem Quotas on Ubuntu 20.04:
https://www.digitalocean.com/community/tutorials/how-to-set-filesystem-quotas-on-ubuntu-20-04
-
11.Aug.2024 - fixing disk space issue in Linux:
https://docs.digitalocean.com/support/how-do-i-fix-disk-space-issues-on-my-droplet/
Related posts
Back to #UBUNTU blog
Back to #blog listing
Author
Lau Hon Wan, software developer.