sriparthu
Day 6 Task: File Permissions and Access Control Lists

Day 6 Task: File Permissions and Access Control Lists

sri parthu's photo
sri parthu
·

4 min read

Table of contents

Today is more on Reading, Learning and Implementing File permissions

  • The concept of Linux File permission and ownership is important in Linux. Here, we will be working on Linux permissions and ownership and will do tasks on both of them. Let us start with the Permissions.

Create a simple file and dols -ltrto see the details of the files

Each of the three permissions are assigned to three defined categories of users. The categories are:

  • owner — The owner of the file or application.

  • chown is used to change the ownership permission of a file or directory.

  • group — The group that owns the file or application.

  • chgrp is used to change the group permission of a file or directory.

  • others — All users with access to the system. (outside the users are in a group)

  • chmod is used to change the other users permissions of a file or directory.

As a task, change the user permissions of the file and note the changes afterls -ltr

  • In the image above, there's a shell script file named variables-and-structures.sh with permissions set for user, group, and others. To restrict permissions, only the user can read and write to this file.
chmod 600 variables-and-structures.sh && ls -ltr

  • Now, let's change the permissions for the file so that the group can read, write and execute.
chmod 670 variables-and-structures.sh && ls -ltr

  • Now, let's change the permissions for the file so that the others can read and execute.
chmod 675 variables-and-structures.sh && ls -ltr

Write an article about File Permissions based on your understanding from the notes

  • In Unix- and Linux-based systems, file permissions control who may read, write, and execute a file or directory, ensuring security. The main part of system security is necessary for safeguarding private information and managing user access to system resources.

Permission Categories

1. Owner (User)

  • The owner of a file or directory is the user who created it. The owner has the most control over the file and can change its permissions.

2. Group

  • A group is a collection of users. Files can belong to a specific group, and all users within that group can access the file according to group permissions.

3. Others

  • "Others" represent all users who are neither the owner nor part of the group.

Types of Permissions

1. Read (r)

  • Files: Allows reading the content of the file.

  • Directories: Allows viewing the list of files within the directory.

2. Write (w)

  • Files: Permits modification, editing, and deletion of the file's content.

  • Directories: Allows adding, removing, or renaming files within the directory.

3. Execute (x)

  • Files: Enables executing the file as a program or script.

  • Directories: Allows accessing contents and traversing the directory.

Representing Permissions

Permissions are represented by a 10-character string:

-rw-rwxr-x (or) drwxr-xr-x

  • The first character (- or d) denotes the file type (- for regular files, d for directories).

  • The next nine characters represent the permissions for the owner, group, and others in sets of three.

Modifying Permissions

Symbolic Method

The chmod command uses symbols (+, -, =) to modify permissions.

  • + adds permissions.

  • - removes permissions.

  • = sets permissions.

Example: chmod u+r file.txt grants the owner read permission.

Octal Method

Using octal numbers (0-7) to represent permissions simplifies permission settings.

  • 4 for read (r).

  • 2 for write (w).

  • 1 for execute (x).

Example: chmod 675 variables-and-structures.sh && ls -ltr sets permissions to -rw-rwxr-x.

Read about ACL and try out the commandsgetfaclandsetfacl

  • Access Control Lists (ACLs) in Linux extend traditional file permissions by allowing more granular control over access rights for files and directories. They provide a way to set permissions for specific users or groups beyond the standard owner, group, and others.

Here's a brief explanation of getfacl and setfacl commands along with an example:

Before that, we need to install sudo apt install acl -y

getfacl Command:

  • The getfacl command is used to retrieve the Access Control List (ACL) entries for files and directories. It displays the detailed ACL information, including permissions for users and groups.
 getfacl variables-and-structures.sh

setfacl Command

  • The setfacl command is used to set or modify ACL entries for files and directories, granting or revoking specific permissions for users or groups.
 setfacl -m u:user:<permission> variables-and-structures.sh

  • -m: Modify ACL entries.

  • u:user: Specify the user for whom you're setting permissions.

  • permissions: Define the permissions (e.g., r for read, w for write, x for execute).

 getfacl variables-and-structures.sh

Happy Learning

Thanks For Reading! :)

-SriParthu💝💥

DevopsLinux#90daysofdevops#90daysofdevopschallengefile-permission