# Linux Files and Permissions for Makers

Learn paths, owners, groups, modes, and parent directory traversal before changing chmod or chown.

## Outcome
Diagnose why a project file cannot be read, executed, or served.

## Safe first step
namei -l /path/to/file walks every path component.

## Ladder steps
### 1. Read the whole path
A failure can come from any parent directory, not just the final file.

Check: namei -l shows every component.

### 2. Check owner and group
The file owner and group determine which permission bits apply.

Check: stat shows owner, group, mode, and name.

### 3. Match the service user
A web server or service may not run as your login user.

Check: systemctl show -p User can reveal service user config.

### 4. Avoid recursive fixes
Recursive chmod or chown can damage unrelated files.

Check: Change only the proven broken component.

## Examples
### Walk path permissions
```sh
namei -l /srv/www/site/current/index.html
```
Expected signal: Each directory and file shows mode, owner, and group

### Check owner and mode
```sh
stat -c '%A %U:%G %n' index.html
```
Expected signal: A compact permission and owner line

### Check service process user
```sh
ps -o user,comm -C nginx
```
Expected signal: The account running nginx workers

## Common traps
- Using chmod -R 777.
- Changing ownership without knowing the service user.
- Fixing the file while the parent directory still blocks traversal.

## Practice task
Build a test directory where only the parent execute bit is wrong. Use namei -l to identify the break.

## Next steps
- Use LinuxOneLiners permission-denied repair path.
- Learn Nginx static root checks.
- Practice service-user debugging.

## Related
- [Linux permission denied repair path](https://linuxoneliners.com/problems/linux-permission-denied/)
