So you are confused with your Linux server’s ideal permissions for /home directory. To understand the whole picture of file permissions for your Linux system, you have to understand the Linux File system ownership and permission we have provided below.
About Linux File Ownership
Every file and directory on your Unix/Linux system is assigned 3 types of owners listed below:
The user is the file owner; by default, the person who created a file becomes its owner, so the user Is the owner of the file.
Suppose some group of users has created a file and you want these all members to have access fo the file. Here user-group option comes where it contains multiple users. If you have a project where a number of people want access to the file, you can add all these members to a group and assign the file to this group.
In this option, the file can be accessible not by particularly user who created the file or the user group, it means you set the option for anyone in the world.
Linux File Permissions
Every Linux file system runs on the permissions discussed below:
- Read: This permission give you the authority to open and read a file
- Write: With written permission, you have the ability to modify the contents of your file. You can add, rename, and remove files stored in the directory.
- Execute: Unlike windows in Linux you have to set execute permission to a file or you can only read and write the file.
What are R, W, and X?
r represents read permission.
w represents write permission and
x represents executable permission.
Permission can also be represented in numbers
r is represented by 4,
w is represented by 2
x is represented by 1
Ideal /home Directory Permission in Linux
The best /home directory permission would be
- 711: With this permission, others can only execute the file but it can’t be opened by them while you can perform anything.
- 751: Here the owner can read/write/search, while others and groups can only search
To change the permissions of your home directory using the commands provided below:
chmod 711 *
chmod 751 *
or you can use any file permission by replacing the unit we have provided.