Home > Articles > Operating Systems, Server > Linux/UNIX/Open Source

  • Print
  • + Share This
This chapter is from the book

This chapter is from the book

List Permissions, Ownership, and More

ls -l

You’ve now learned how to format the results of ls to tell you more about the contents of directories, but what about the actual contents themselves? How can you learn more about the files and folders, such as their size, their owners, and who can do what with them? For that information, you need to use the -l option (or --format=long).

$ ls -l ~/bin
total 2951
-rw-r--r--  1 scott scott  15058 2015-10-03 18:49 adblock_filters.txt
-rwxr-xr--  1 scott root      33 2015-04-19 09:45 addext
-rw-r--r--  1 scott scott  84480 2015-04-19 09:45 addressbook.xls
-rwxr--r--  1 scott scott     55 2015-04-19 09:45 batchprint_home
drwxr-xr-x  9 scott scott   1080 2015-09-22 14:42 bin_on_bacon
-rwxr-xr--  1 scott scott    173 2015-04-19 09:45 changeext
-rwxr-xr--  1 scott root     190 2015-04-19 09:45 convertsize
drwxr-xr-x  2 scott scott     48 2015-04-19 09:45 credentials
[List condensed and edited due to length]

The -l option stands for long, and as you can see, it provides a wealth of data about the files found in a directory. Let’s move from right to left and discuss what you see.

On the farthest right is the easiest item: the name of the listed item. Want ls to display more about it? Then add the -F option to -l, like this: ls -lF. Color is easily available as well, with ls -lF --color.

Moving left, you next see a date and time. This is when the file was last modified, including the date (in year-month-day format) and then the time (in 24-hour military time).

Further left is a number that indicates the size of the item, in bytes. This is a bit tricky with folders—for instance, the previous readout says that bin_on_bacon is 1080 bytes, or just a little more than one kilobyte, yet it contains 887KB of content inside it. The credentials directory, according to ls -l, is 48 bytes, but contains nothing inside it whatsoever! What is happening?

Remember in Chapter 1, “Things to Know About Your Command Line,” when you learned that directories are just special files that contain a list of their contents? In this case, the contents of credentials consists of nothing more than the .. that all directories have in order to refer to their parent, so it’s a paltry 48 bytes; while bin_on_bacon contains information about more than 30 items, bringing its size up to 1080 bytes.

The next two columns to the left indicate, respectively, the file’s owner and its group. As you can see in the previous listing, almost every file is owned by the user scott and the group scott, except for addext and convertsize, which are owned by the user scott and the group root.

The next to last column as you move left contains a number. If you’re examining a file, this number tells you how many hard links exist for that file (for more, see Chapter 3’s “Create a Link Pointing to Another File or Directory” section); if it’s a directory, it refers to the number of subdirectories it contains, including the two hidden pointers . (the current directory) and .. (the parent directory), which means that even if there are no subdirectories, you will still see a 2 there.

And now you reach the final item on the left: the actual permissions for each file and directory. This might seem like some arcane code, but it’s actually very understandable with just a little knowledge. There are ten items, divided (although it doesn’t look that way) into four groups. The first group consists of the first character; the second group contains characters 2 through 4; the third consists of characters 5 through 7; and the fourth and final group is made up of characters 8 through 10. For instance, here’s how the permissions for the credentials directory would be split up: d|rwx|r-x|r-x.

That first group tells you what kind of item it is. You’ve already seen that -F and --color do this in different ways, but so does -l. A d indicates that credentials is a directory, while a - in that first position indicates a file. (Even if the file is executable, ls -l still uses just a -, which means that -F and --color here give you more information.) There are, of course, other options that you might see in that first position, as detailed in Table 2.3.

Table 2.3 Permission Characters and File Types




Regular file






Symbolic link




Block device


Character device


Named pipe (AKA FIFO)

The next nine characters—making up groups two, three, and four—stand for, respectively, the permissions given to the file’s owner, the file’s group, and all the other users on the system. In the case of addext, shown previously, its permissions are rwxr-xr--, which means that the owner scott has rwx, the group (in this case, also scott) has r-x, and the other users on the box have r--. What’s that mean?

In each case, r means “yes, read is allowed”; w means “yes, write is allowed” (with “write” meaning both changing and deleting); and x means “yes, execute is allowed.” A - means “no, do not allow this action.” If the - is located where an r would otherwise show itself, that means “no, read is not allowed.” The same holds true for both w and x.

Looking at addext and its permissions of rwxr-xr--, it’s suddenly clear that the owner (scott) can read, write, and execute the file; the members of the group (root) can read and execute the file, but not write to it; and everyone else on the machine (often called the “world”) can read the file but cannot write to it or run it as a program.

Now that you understand what permissions mean, you’ll start to notice that certain combinations seem to appear frequently. For instance, it’s common to see rw-r--r-- for many files, which means that the owner can both read and write to the file, but both the group and world can only read the file. For programs, you’ll often see rwxr-xr-x, which allows everyone on the computer to read and run the program, but restricts changing the file to its owner.

Directories, however, are a bit different. The permissions of r, w, and x are pretty clear for a file: You can read the file, write (or change) it, or execute it. But how do you execute a directory?

Let’s start with the easy one: r. In the case of a directory, r means that the user can list the contents of the directory with the ls command. A w indicates that users can add more files into the directory, rename files that are already there, or delete files that are no longer needed. That brings us to x, which corresponds to the capability to access a directory in order to run commands that access and use files in that directory, or to access subdirectories inside that directory.

As you can see, -l is incredibly powerful all by itself, but it becomes even more useful when combined with other options. You’ve already learned about -a, which shows all files in a directory, so now it should be obvious what -la would do (or --format=long --all).

$ la -la ~/
drwxr-xr-x    2 scott scott   200 2015-07-28 01:31 alias
drwx------    2 root  root     72 2015-09-16 19:14 .aptitude
-rw-------    1 scott scott  8800 2015-10-18 19:55 .bash_history
-rw-r--r--    1 scott scott    69 2015-04-20 11:00 .bash_logout
-rw-r--r--    1 scott scott   428 2015-04-20 11:00 .bash_profile
-rw-r--r--    1 scott scott  4954 2015-09-13 19:46 .bashrc
[List condensed and edited due to length]
  • + Share This
  • 🔖 Save To Your Account