Linux File System Permission
**Types of file permission:-
Basic Permission
Special Permission
Access Control List (ACL) Permission
--> To check file permission:-
#ls -ll
drwxrwxr-x
where, d = file type (directory)
first "rwx" = User
Second "rwx" = Group
Third "rwx" = Other User
and "rwx" = read write execute
Note:- You can set permission with numeric and symbolic.
Permission With Numeric:-
r (read) = 4
w (write) = 2
x (execute) = 1
Permission with Symbolic:-
Owner(u) -> Permission used for the owner of the file.
Group(g) -> Permission used by members of the group.
Other(o) -> Permission used by all other users.
----------------------------------------------------------------------------------------
Symbolic Way:-
For add read permission to owner:-
#chmod u+r file1
To add read-write-execute permission to group:-
#chmod g+rwx file1
To remove execute permission to others:-
#chmod o-x file1
----------------------------------------------------------------------------------------
Numeric Way:-
example 1:-
Add read-write-execute permission to owner
Add read-write-execute permission to group
Add only read permission to other user
#chmod 774 file1
example 2:-
Add read-execute permission to owner
Add read permission to group
No permission to other users
#chmod 540 file1
----------------------------------------------------------------------------------------
where, d = file type (directory)
first "rwx" = User
Second "rwx" = Group
Third "rwx" = Other User
First ubuntu = Owner
2nd ubuntu = Group Owner
4096 = File Size
Mar 25 10:01 = Date with time
dir1 = Directory
--> Now I want to change Owner of the file1
First, check the user list
#tail -5 /etc/passwd
This will show you the last 5 users present in the user list
As checked in above picture we have 5 users:- lxd,ravina,priti,suman,rohit
Now I want to change owner to ravina
#chown ravina file1
To change group ownership
#chgrp devopsgrp file1
----------------------------------------------------------------------------------------
Access Control List (ACL):-
Access control list (ACL) provides an additional, more flexible permission mechanism for file systems.
Access control list is a service which is used for providing special permission to specific user and groups for particular directories and files.
Use of ACL:-
Think of a scenario in which a particular user is not a member of group created by you but still you want to give some permission, how you can do it without making user a member of group, here comes in picture Access Control Lists, ACL helps us to do this trick.For check ACL Permission
#getfacl <file/directory>
eg. #getfacl file1
To set ACL permission to User
#setfacl -m u:ubuntu:rwx dir1To remove ACL permission to user
#setfacl -x u:ubuntu: dir1To set ACL permission to Group
#setfacl -m g:ubuntu:rwx dir1To remove ACL permission of Group
#setfacl -x g:ubuntu: dir1To remove All ACL permissions
#setfacl -b dir1