OpenClaw LaunchOpenClaw Launch
📂

File Permission Guide

Verified

by Community

Explains Unix file permissions, ownership, and access control with practical examples for common scenarios including web servers, shared directories, and deployment scripts.

systempermissionsunixsecuritylinuxaccess-control

File Permission Guide

Understand and configure Unix file permissions correctly for security and functionality. Covers standard permissions, special bits, ACLs, and common scenarios with specific solutions.

Usage

Describe the access scenario you need to configure or the permission error you're encountering. The guide explains the correct permissions and provides commands to set them.

Parameters

  • Scenario: Web server files, Shared directory, Script execution, SSH keys, or General
  • System: Linux, macOS, or Docker container
  • Issue: Permission denied, Too permissive, Shared access, or Understanding output
  • Level: Basics (rwx), Intermediate (setuid, sticky), or Advanced (ACLs, capabilities)

Examples

  1. Web Server Permissions: Set correct permissions for a web application — docroot owned by deploy user, readable by www-data, writable upload directory, and no executable PHP in uploads.
  1. Shared Team Directory: Configure a shared project directory where multiple users can create and edit files — setgid bit, umask settings, and ACL for new file inheritance.
  1. Permission Denied Debug: Systematically trace a "Permission denied" error — check file permissions, directory permissions (need +x), ownership, SELinux context, and ACL entries.
  1. Docker File Permissions: Fix permission issues with bind-mounted volumes — UID mapping between host and container, chmod/chown in Dockerfile, and runtime user configuration.

Guidelines

  • Numeric (755) and symbolic (rwxr-xr-x) notation are both explained with conversion
  • The three permission groups (owner, group, other) are explained with real-world analogies
  • Directory permissions differ from files: +x means "can traverse" not "can execute"
  • Special permissions (setuid, setgid, sticky bit) are explained with security implications
  • umask is explained for controlling default permissions on new files and directories
  • Common permission patterns: 644 (files), 755 (directories), 600 (private keys), 777 (never in production)
  • SELinux and AppArmor contexts are addressed for enterprise Linux distributions
  • ACLs (Access Control Lists) provide fine-grained permissions beyond basic rwx model
  • Recursive permission changes use find + chmod/chown for different file/directory modes
  • Security principle: minimum necessary permissions — never chmod 777 in production

More System Skills

🖥️
System Info

Check system resources — disk space, memory usage, CPU, and uptime.

Cron Helper

Build, explain, and test cron schedule expressions.

🔎
Log Analyzer

Parse, search, and analyze log files for errors and patterns.

📦
Clawdhub

Skill manager — search, install, update, and publish skills.