Permissions in LINUX
When you do ls -ltr to list the files. You can see the permissions of the files.
drwxrwxrwx 1 root pool 256 Dec 10 18:49 File.txt
d or - :- Generally the permissions of any file or folder starts with d or -. d is for directory and - is for a file. user (first set of rwx) – The user permissions apply only to the owner of the file or directory, they will not impact the actions of other users.
group(second set of rwx) – The group permissions apply only to the group that has been assigned to the file or directory, they will not affect the actions of other users.
others (third set of rwx) – The other permissions apply to all other users on the system, this is the permission group that you want to watch the most.
"chmod" is the command to provide permission for file/directory.
chmod <permission_value> <file_name>
Read, write, execute and –
The ‘r’ means you can “read” the file’s contents.
The ‘w’ means you can “write”, or modify the file’s contents.
The ‘x’ means you can “execute” the file. This permission is given only if the file is a program.
If any of the “rwx” characters is replaced by a ‘-‘, then that permission has been revoked.
If the permission is given as 777 as per the below mode, then the user will have full access to the folder or file. This is not advisable if the user is not a root user.
Symbolic
Mode
Absolute Mode
r
-read
4
w
-write
2
x
-execute
1
(-)
Null
0
OWNER OF THE FILE/DIRECTORY
In the above File.txt, root denotes the owner of the file. Generally, the default owner of the file is the user who creates it.
To change the ownership of a file/directory "chown" command is used.
chown ownername:groupname <folder/file>
GROUP OF THE FILE/DIRECTORY
In the above File.txt, pool is the group, the users belonging to this group will have relevant permissions to perform any action in the file/folder.
To change the group of the file/folder "chgrp" is used.
chgrp <new_group_name> <file/foldername>
ACL
ACL stands for Access Control Lists.
Think of a scenario in which a particular user is not a member of group created by you but still you want to give some read or write access, how can you do it without making the user a member of the group, here comes in picture Access Control Lists, ACL helps us to do this trick.
ACLs are used to make a flexible permission mechanism in Linux.
getfacl is the command to show what are permission assigned to any file/folder.
setfacl is the command used to grant permission to any file/folder.
getfacl <file or foldername>
setfacl -m "u:user:permissions" /path/to/file
setfacl -m "g:group:permissions" /path/to/file
Thank you for reading my article.
WRITTEN BY Biswaraj Sahoo --AWS Community Builder | DevOps Engineer | Docker | Linux | Jenkins | AWS | Git | Terraform | Docker | kubernetes
Empowering communities via open source and education.
Connect with me over linktree: https://linktr.ee/biswaraj333
Subscribe to my newsletter
Read articles from biswaraj sahoo's blog directly inside your inbox.