File Permissions and Access Control Lists

#90daysdevops

#day6

Whenever we use the ls -ltr command, we see something like this:

So what is this -rwxrwxrwx?

r: read permission

w: write permission

x: execute permission

We can also represent these permissions numerically:

· 0 = No Permission

· 1 = Execute

· 2 = Write

· 4 = Read

Types of users in Linux

u :- user

g :- group

o :- others

So when we write 740, it means the user has read, write, and execute permission (1+2+4), the group can only read, and others have no permissions.

In Linux, we can change user permissions using chmod, chgrp, and chown.

Changing permission using chmod command

The basic syntax is:

chmod [permission] [file_name]

chmod u+r file_name: gives the user read permission

To make a file public for reading, writing, and executing, the command is:

chmod u=rwx,g=rwx,o=rwx [file_name], which is the same as chmod 777 [file_name].

Changing User File and Group Ownership

  • To change the file ownership, we use the chown command.

chown [user_name] [file_name]

Instead of [user_name] type in the name of the user who will be the new owner of the file.

The name of the file owner gets changed from ubuntu to sujata.

  • To change the group ownership, we use the chgrp command.

chgrp [group_name] [file_name]

Instead of [group_name] type in the name of the group that will be the new owner of the file.

What is an ACL?

An ACL (access control list) allows you to give a more specific set of permissions to a file or directory without changing the base ownership and permissions.

Commands: setfacl and getfacl.

getfacl gives you more detailed information about the file.

setfacl

  • For adding permission for user :

    setfacl -m u:user:rwx <target_file>

  • For adding permission for group :

    setfacl -m g:group:rwx <target_file>

  • To remove a specific entry (with -x the entry is named without a permission field):

    setfacl -x u:user <target_file>

  • To remove all entries :

    setfacl -b <target_file>

  • For adding permission for a user on all the files inside a folder:

    setfacl -Rm "entry" <target_file/folder>

Here, as you can see, we have given rwx permission to a user named sujata without changing the actual user.

The + sign indicates that we have used ACL.
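The numeric notation and the + marker described above can be checked together when reviewing ls -l output. The following is an added example, not part of the original post: the function names are illustrative and the mode strings in the loop are constructed samples, not real output.

```sh
# Added example (not from the original post); function names are illustrative.

# Map one triad such as "r-x" to its digit using r=4, w=2, x=1.
triad_to_digit() {
    digit=0
    case $1 in r??) digit=$((digit + 4)) ;; -??) ;; *) return 1 ;; esac
    case $1 in ?w?) digit=$((digit + 2)) ;; ?-?) ;; *) return 1 ;; esac
    case $1 in ??x) digit=$((digit + 1)) ;; ??-) ;; *) return 1 ;; esac
    echo "$digit"
}

# Convert the first column of `ls -l` (e.g. -rwxr-----) to octal (740).
# Special bits (s, t) are not covered here, so such strings are rejected.
mode_to_octal() {
    mode=${1%[+.]}                  # drop a trailing ACL (+) or SELinux (.) marker
    [ "${#mode}" -eq 10 ] || return 1
    perms=${mode#?}                 # drop the file-type character
    u=$(triad_to_digit "$(printf %s "$perms" | cut -c1-3)") || return 1
    g=$(triad_to_digit "$(printf %s "$perms" | cut -c4-6)") || return 1
    o=$(triad_to_digit "$(printf %s "$perms" | cut -c7-9)") || return 1
    echo "$u$g$o"
}

# True when the mode string ends in "+", i.e. the file carries an ACL.
has_acl() { case $1 in *+) return 0 ;; *) return 1 ;; esac; }

# True when "others" hold the write bit (value 2 in the last digit).
world_writable() {
    octal=$(mode_to_octal "$1") || return 2
    [ $(( ${octal#??} & 2 )) -ne 0 ]
}

# Constructed sample mode strings in `ls -l` format.
for m in '-rwxr-----' '-rwxrwxrwx' '-rw-rwxr--+'; do
    printf '%s -> %s' "$m" "$(mode_to_octal "$m")"
    has_acl "$m" && printf ' (ACL present: inspect with getfacl)'
    world_writable "$m" && printf ' (world-writable)'
    printf '\n'
done
```

To audit a real file, pass the first field of its ls -ld output to mode_to_octal and follow up with getfacl whenever has_acl succeeds.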

Thank you for reading!!

~Sujata Kumari

Great initiative by the #trainwithshubham community.