2

I am learning file mode permissions 

666: for non-executable ordinary files 
777: for executable ordinary files 
777: for directories

Reference to the executable mode,
I could understand that a program file has executable mode, but have
no ideas about why a directory also has a 'executable mode`.

I found it make no sense. a directory entry cannot be executed and cannot set all the files within a directory 'executable` by just set their directory.

How to understand a executable directory entry?

user10726006
  • 635

1 Answers1

6

This has been covered in a related post on Unix&Linux:

The execute bit (x) allows the affected user to enter the directory, and access files and directories inside

An example:

$ chmod -x test_access/
$ cd test_access/
bash: cd: test_access/: Permission denied

This also prevents from creating/removing files:

$ rm test_access/new_file 
rm: cannot remove 'test_access/new_file': Permission denied
$ touch test_access/another_file
touch: cannot touch 'test_access/another_file': Permission denied

The execute permission actually should be called "access" permission, since when there is no x bit set on file or directory, it results in EACCES error. You can see that when performing strace bash -c 'cd test_access/

chdir("test_access")                    = -1 EACCES (Permission denied)

On the lower level, this particular permission in stat.h standard Unix library is defined as

S_IXUSR

Execute/search permission, owner.

Where search of course refers to directories. Note that reading what directory contains is covered by the r bit in the permissions. Thus, I can still ls the directory, but cannot navigate there if there's no x bit but there is r bit:

$ ls -ld test_access
drw-r--r-- 2 admin admin 4096 Jan  4 15:18 test_access
$ ls test_access
test_file

If you look at strace output for rm and touch, you'll soon find out that these commands also use variation of stat() and openat() syscalls, which also return EACCES

Side note on ls

Note that on Debian systems with default /bin/bash as user's interactive shell, ls is often an alias to ls --color=auto. Where that's the case, you will see an error such as this:

$ ls test_access 
ls: cannot access 'test_access/test_file': Permission denied
ls: cannot access 'test_access/new_file': Permission denied
new_file  test_file

$ ls -l test_access 
ls: cannot access 'test_access/test_file': Permission denied
ls: cannot access 'test_access/new_file': Permission denied
total 0
-????????? ? ? ? ?            ? new_file
-????????? ? ? ? ?            ? test_file

The reason behind that lies in the POSIX definition of EACCES:

[EACCES] Permission bits of the file mode do not permit the requested access, or search permission is denied on a component of the path prefix

Specifically, if you run strace ls --color=auto test_access/ you will see that ls attempts to perform lstat() system call to determine the directory entry type, which is where the EACCES occurs

Sergiy Kolodyazhnyy
  • 107,582