• VMware

    Learn about VMware virtualization for its products like vsphere ESX and ESXi, vCenter Server, VMware View, VMware P2V and many more

  • Linux

    Step by step configuration tutorials for many of the Linux services like DNS, DHCP, FTP, Samba4 etc including many tips and tricks in Red Hat Linux.

  • Database

    Learn installation and configuration of databases like Oracle, My SQL, Postgresql, etc including many other related tutorials in Linux.

  • Life always offers you a second chance ... Its called tomorrow !!!

    Thursday, March 07, 2013

    Understanding Special Permission Sticky Bit in Linux

    Now there are few permissions which are used in Linux and are referred as special permission due to SUID and SGID in their respective link their different functionality in terms of their usage. You can find details about

    Sticky Bit
    This special permission becomes very useful in most the cases. This is used when you are the owner of a particular file and you have give full permission to that file for all others but still you don't want any one of them to delete that file apart from the user and group owner. In that case sticky bit plays a very important role as once you assign this permission to some file or directory no one else apart from the user and group owner will be able to delete that file or directory.

    Before showing you any example let me give you some helpful and important tips.
    Sticky Bit can be assigned using two ways
    1. Octal (1)
    2. Symbolic (t)

    Octal (1):
    If you want to use octal method then this is the syntax which you need to follow
    # chmod 1XXX /dirname
    Here 1 means assigning sticky bit and XXX means the permission to be applied

    For example:
    # chmod 1775 /statusupdate
    Here I am assigning full permission to user and group owner and read and execute permission to others including a sticky bit given by 1 at the beginning of permission.

    Symbolic (t) :
    If you want to assign sticky bit using symbolic way then this will be the syntax
    # chmod +t /dirname
    For example
    # chmod o+t /statusupdate
    Here I am not meshing with any other existing permission instead additionally I am assigning a sticky bit permissions for all others for statusupdate directory

    Let me show you some practical example.

    I have 2 users namely user1 and user2. A common directory is assigned to both of them by the root to put up their status update at the end of the day in this directory. Now being a root I will assign sticky bit to the main directory along with any sub directories if there is any.
    # mkdir /statusupdate
    # chmod 1777 /statusupdate

    user1 statusupdate
    $ cd /statusupdate
    $ mkdir mywork
    $ chmod
    1777 mywork

    $ ls -l
    total 4
    t. 2 user1 user1 4096 Oct 17 07:04 mywork

    Now as in my case for the demo purpose I have given full permission to mywork directory which I don't think most will do but this is just an example. Now as you see addition (t) option is visible marked in red color in the permission section for others.

    Now log in as user2
    It seems user2 is not so friendly with user1 and wants to delete his statusdata to create his impression on the boss. Lets see if he can do that
    $ cd /statusupdate
    $ ls -l
    total 4
    drwxrwxrwt. 2 deepak deepak 4096 Oct 17 07:04 mywork
    $ rm -rf mywork
    rm: cannot remove `mywork': Operation not permitted

    Ooops the operation is not permitted. So it seems user2 will have to honestly work hard to create an impression over his boss.

    So this is how sticky bit works the same could have been done using symbolic way as well.

    Removing sticky bit

    # chmod 0775 /statusupdate
    # ls -l
    drwxrwxr-x.   3 root root  4096 Oct 17 07:07 statusupdate

    The same can be done in symbolic way using the below command
    # chmod -t /statusupdate
    Many a times you will observe a capital (T) at the others permission section instead of small (t) now you do not have to get confused regarding this as both of them signify sticky bit but with a little difference that if others have executable permission on them then after applying sticky bit you will get small (t) but if others do not have executable permission then others will get capital (T).

    Let me show you with the help of one example

    Before applying Sticky Bit with executable permission
    # chmod 775 /statusupdate
    # ls -l
    x.   3 root root  4096 Oct 17 07:07 statusupdate

    After Sticky Bit with executable permission
    # chmod 1775 /statusupdate
    # ls -l
    drwxrwxr-t.   3 root root  4096 Oct 17 07:07 statusupdate

    Now as you see a small (t) since the directory had executable permission

    Before applying sticky bit without executable permission
    # chmod 774 /statusupdate
    # ls -l
    drwxrwxr--.   3 root root  4096 Oct 17 07:07 statusupdate

    After Sticky Bit without executable permission
    # chmod 1774 /statusupdate
    # ls -l
    drwxrwxr-T.   3 root root  4096 Oct 17 07:07 statusupdate

    So I hope I cleared my point on all the possible cases with sticky bit.

    Now in case you want to search all the files and directories with sticky bit permission
    # find / -perm +1000
    where 1000 signifies files or dir having sticky bit as per the octal value we use. Now again you can use additional switch with find command like -type d or f to search more accurately.

    Follow the below links for more tutorials:

    What is a Kernel in Linux?
    How does a DNS query works when you type a URL on your browser?
    How to create password less ssh connection for multiple non-root users
    How to create user without useradd command in Linux
    How to unlink/delete a symbolic in Linux
    How to give normal user root privileges using sudo in Linux/Unix
    How to do Ethernet/NIC bonding/teaming in Red Hat Linux
    How to install/uninstall/upgrade rpm package with/without dependencies
    How to extract files to different directory using tar in Unix/Linux
    How to preserve Symbolic links with tar command in Unix/Linux
    How to give permission to user to run some commands in Linux
    How to set environment (PATH) variable permanently in Linux
    How to mount windows share on linux


    1. I really liked the way you have explained step by step.

      Very Helpful
      Your page is definitely going in my bookmarks.