DevOps(Day-6)

Permissions in LINUX

Permissions in LINUX

When you do ls -ltr to list the files. You can see the permissions of the files.

drwxrwxrwx 1 root pool 256 Dec 10 18:49 File.txt

d or - :- Generally the permissions of any file or folder starts with d or -. d is for directory and - is for a file. user (first set of rwx) – The user permissions apply only to the owner of the file or directory, they will not impact the actions of other users.
group(second set of rwx) – The group permissions apply only to the group that has been assigned to the file or directory, they will not affect the actions of other users.
others (third set of rwx) – The other permissions apply to all other users on the system, this is the permission group that you want to watch the most.

"chmod" is the command to provide permission for file/directory.

chmod <permission_value> <file_name>

Read, write, execute and –

  • The ‘r’ means you can “read” the file’s contents.

  • The ‘w’ means you can “write”, or modify the file’s contents.

  • The ‘x’ means you can “execute” the file. This permission is given only if the file is a program.

  • If any of the “rwx” characters is replaced by a ‘-‘, then that permission has been revoked.

  • If the permission is given as 777 as per the below mode, then the user will have full access to the folder or file. This is not advisable if the user is not a root user.

    Symbolic

    Mode

    Absolute Mode

    r

    -read

    4

    w

    -write

    2

    x

    -execute

    1

    (-)

    Null

    0

OWNER OF THE FILE/DIRECTORY

In the above File.txt, root denotes the owner of the file. Generally, the default owner of the file is the user who creates it.

To change the ownership of a file/directory "chown" command is used.

chown ownername:groupname <folder/file>

GROUP OF THE FILE/DIRECTORY

In the above File.txt, pool is the group, the users belonging to this group will have relevant permissions to perform any action in the file/folder.

To change the group of the file/folder "chgrp" is used.

chgrp <new_group_name> <file/foldername>

ACL

ACL stands for Access Control Lists.

Think of a scenario in which a particular user is not a member of group created by you but still you want to give some read or write access, how can you do it without making the user a member of the group, here comes in picture Access Control Lists, ACL helps us to do this trick.

ACLs are used to make a flexible permission mechanism in Linux.

getfacl is the command to show what are permission assigned to any file/folder.

setfacl is the command used to grant permission to any file/folder.

getfacl <file or foldername>

setfacl -m "u:user:permissions" /path/to/file

setfacl -m "g:group:permissions" /path/to/file

Thank you for reading my article.

WRITTEN BY Biswaraj Sahoo --AWS Community Builder | DevOps Engineer | Docker | Linux | Jenkins | AWS | Git | Terraform | Docker | kubernetes

Empowering communities via open source and education.

Connect with me over linktree: https://linktr.ee/biswaraj333

Subscribe to my newsletter

Read articles from biswaraj sahoo's blog directly inside your inbox.