z/OS UNIX System Services User's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Displaying file and directory permissions

z/OS UNIX System Services User's Guide
SA23-2279-00

To display the permissions for the files and directories in your working directory, use ls -W. (The ls -l command displays all the access permissions but does not display the audit permissions.) The display format is: 
drwxr-x---  fff---    2  ELVIS  64MB   96 Jun 15 10:34 statrp
-rwx------  fff---    1  ELVIS  64MB  107 Jul 10 07:45 jun93
-rwx------  fff---    1  ELVIS  64MB   80 Aug 09 13:15 jul93
-rwx------  fff---    1  ELVIS  64MB  150 Sep 15 10:45 aug93
drwxr-xr-x  fff---    2  ELVIS  64MB   96 Jun 17 09:05 dbappl
-rwxr-x---  fff---    1  ELVIS  64MB  150 Jun 17 10:15 txn1
  • First field: A string of 10 characters. The first character indicates the file type. The next 9 characters are the permissions. For example: 
    -rwxr-xr-x
    View them this way: 
    - rwx r-x r-x
    • The first character indicates whether this is a file or directory.
      • - for a regular file (binary or text)
      • c for a character special file
      • d for a directory
      • e for an external link
      • l for a symbolic link
      • p for a named pipe (FIFO special file)
      In the example, - indicates a regular file.
    • The first set of 3 characters show the owner's permissions. In this example, the owner has read, write, and execute permission (rwx).
    • The second set of 3 characters show the group permissions. In this example, the group to which the user belongs has read and execute permission (r-x).
    • The third set of 3 characters show the other permissions. In this example, any other user can read the file and execute it (r-x). If the sticky bit is on, you see a T or t in the final field (--T or --t).
  • Second field: The audit settings. These 6 characters are actually two groups of 3 characters. The first group of 3 describes the audit settings requested by a user; the second group describes audit settings requested by a security auditor. The characters can be:
    • s to audit successful access attempts
    • f to audit failed access attempts
    • a to audit all accesses
    • - for no audit
    In the example, fff---,
    • fff means failed read, write, and execute or search attempts to access the file are audited by the user.
    • --- means read, write, and execute or search attempts to access the file are not audited by the security auditor.
  • Third field: The number of links to the file or directory.
  • Fourth field: The owner's login name (TSO/E user ID).
    Note: When files owned by user ID 0 (UID=0) are transferred from any UNIX-type system across an NFS connection to another UNIX-type system, the user ID changes to -2 (UID=-2). On a z/OS UNIX system, -2 is not a valid user ID; therefore, ls displays UID 4294967294 (the unsigned equivalent of -2).
  • Fifth field: The name of the group associated with the file or directory.
  • Sixth field: The size of the file, expressed in bytes.
  • Seventh field: A date and time. For a file, this is the time the file was last changed; for a directory, it is the last time a file was created or deleted in the directory.
  • Eighth field: The name of the file or directory. If the file is a symbolic link, that also is indicated. See the additional information for the filename lnk in this example: 
    l---------   1 ELVIS    SYS1           8 May 21 15:30 lnk -> /tmp/ehk
$
Parent topic: Handling security for your files

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014