File Permissions & Ownership
Manage Linux file permissions for deep learning workflows. Fix permission errors, set up shared datasets, configure script execution rights, and handle multi-user access.
Overview
File permissions control who can read, write, or execute files on Linux systems. This is crucial for:
- Running bash scripts
- Sharing datasets between users
- Securing sensitive files
- Managing group access on shared systems
Quick Reference
Common Permission Commands
# Make script executable
chmod +x script.sh
# Make readable by everyone
chmod a+r data.txt
# Recursive permission change (directories)
chmod -R 755 my_datasets/
# Change ownership
chown user:group file.txt
# Recursive ownership change
chown -R user:group datasets/Making Scripts Executable
Basic Usage
# Give execute permission
chmod +x /path/to/yourscript.sh
# Run from absolute path
/path/to/yourscript.sh
# Or run from current directory
./yourscript.shUsing Relative vs Absolute Paths
# If script is in current directory
chmod +x myscript.sh
./myscript.shThe ./ indicates “current directory”
# Full path to script
chmod +x /home/user/scripts/myscript.sh
/home/user/scripts/myscript.shCan be run from any directory
# Add scripts directory to PATH
export PATH="$PATH:$HOME/scripts"
# Now run without ./
myscript.shMost convenient for frequently used scripts
Understanding Permission Numbers
Permission Structure
chmod 755 file.txt
^^^
|||
||+-- Others (everyone else)
|+--- Group (users in same group)
+---- Owner (you)Permission Values
| Number | Permissions | Meaning |
|---|---|---|
| 7 | rwx | Read + Write + Execute |
| 6 | rw- | Read + Write |
| 5 | r-x | Read + Execute |
| 4 | r-- | Read only |
| 0 | --- | No permissions |
Common Combinations
# Owner: read+write+execute, Others: read+execute
chmod 755 script.sh
# Owner only can execute (secure)
chmod 700 secure_script.sh# Everyone can read, owner can write
chmod 644 data.csv
# Group can also write (shared projects)
chmod 664 shared_data.csv# Standard directory permissions
chmod 755 datasets/
# Shared directory (group write access)
chmod 775 shared_datasets/
# Private directory
chmod 700 private/Symbolic Permissions (Alternative)
Instead of numbers, you can use letters:
# Add execute for owner
chmod u+x script.sh
# Add read for everyone
chmod a+r data.txt
# Remove write from others
chmod o-w sensitive.txt
# Set group to read+write
chmod g=rw shared.csvBreakdown:
-
u= user (owner) -
g= group -
o= others -
a= all -
+= add permission -
-= remove permission -
== set exact permission
Ownership Management
Change Owner
# Change owner
sudo chown username file.txt
# Change owner and group
sudo chown username:groupname file.txt
# Recursive for directories
sudo chown -R username:groupname datasets/Practical Example: Shared Dataset
# Create shared directory
sudo mkdir -p /data/shared_datasets
# Change ownership to group
sudo chown -R :ml_team /data/shared_datasets
# Set permissions: group can read/write
sudo chmod -R 775 /data/shared_datasets
# Set default group for new files
sudo chmod g+s /data/shared_datasetsCommon Scenarios
Scenario 1: Downloaded Script Won’t Run
Problem: bash: ./script.sh: Permission denied
Solution:
chmod +x script.sh
./script.shScenario 2: Share Dataset with Team
Problem: Need to share large dataset with research group
# Add users to group
sudo usermod -aG ml_team alice
sudo usermod -aG ml_team bob
# Set directory permissions
sudo chown -R :ml_team /datasets/imagenet
sudo chmod -R 775 /datasets/imagenet
# New files inherit group (setgid)
sudo chmod g+s /datasets/imagenet# Install ACL tools
sudo apt install acl
# Give specific users access
setfacl -R -m u:alice:rwx /datasets/imagenet
setfacl -R -m u:bob:rwx /datasets/imagenet
# Set default ACL for new files
setfacl -R -d -m u:alice:rwx /datasets/imagenetScenario 3: Secure Private Keys/Credentials
Problem: Protect sensitive files from other users
# SSH keys, API keys, credentials
chmod 600 ~/.ssh/id_rsa
chmod 600 credentials.json
# Private scripts
chmod 700 my_private_script.shScenario 4: Fix “Others Can Read” Warning
Problem: Warning about file being readable by others
# Remove all permissions for 'others'
chmod o-rwx sensitive_file.txt
# Or set to 600 (owner read/write only)
chmod 600 sensitive_file.txtChecking Current Permissions
# List with permissions
ls -l file.txt
# Output: -rwxr-xr-x 1 user group 1234 Jan 01 12:00 file.txt
# |--owner-| |-group-| |-other-|
# List directory contents
ls -lh datasets/
# Check specific file
stat file.txtBatch Operations
Fix All Scripts in Directory
# Make all .sh files executable
find ~/scripts -name "*.sh" -exec chmod +x {} \;
# Or using chmod directly
chmod +x ~/scripts/*.shFix Dataset Permissions
# Files: 644 (rw-r--r--)
find /datasets -type f -exec chmod 644 {} \;
# Directories: 755 (rwxr-xr-x)
find /datasets -type d -exec chmod 755 {} \;Troubleshooting
Cannot Change Permissions
Error: chmod: changing permissions of 'file': Operation not permitted
Causes:
- Not the owner - Use
sudoor ask owner to change - Filesystem mounted read-only - Check with
mount | grep ro - File attributes - Check with
lsattr file
Permissions Look Correct But Still Can’t Execute
# Check if file is actually a script
file script.sh
# Check shebang line
head -1 script.sh
# Should be: #!/bin/bash or #!/usr/bin/env python3
# Check if interpreter exists
which bash
which python3Best Practices
- Scripts:
755(owner can edit, everyone can execute) - Data files:
644(owner can edit, everyone can read) - Shared directories:
775+ setgid bit (chmod g+s) - Private files:
600(owner only) - SSH keys:
600(required by SSH)
:::tip[Security First] Always use the minimum permissions needed:
- Start restrictive (e.g.,
700) - Open up only as needed (e.g., to
755) - Never use
777unless absolutely necessary :::
Related Resources
- Dataset Scripts - Download and manage datasets
- HPC Usage - Permissions on shared clusters
- Environment Setup - Managing Python environments