File Permissions and Access Control Lists in Linux.

File Permissions and Access Control Lists in Linux.

FileSystem Permission

ls -ltr

  • Permission Group Owner

    From the above image, the red block indicates the permissions Yellow block indicates the Group and the Green block indicates the Owner.

  • How to check if it's a Directory or File?

    In the Permission block, the first character defines it's a file or directory

    'd'-for directory

    '-' for files

  • Permission Description

    Owner(u):- Permission used for the owner of file

    Group(g):- Permission used for the member of group

    Other(o):- Permission used by all other users

Permission

Access to a file 

Access to a Directory

Read (r)

display file contents and copy the file

View the contents of the directory

write (w)

modify file contents

modify contents of a directory.

Execute (x)

execute the file if it is executable.

Allow use of the cd command to access the directory

Number

Permission Type

Symbol

0

No Permission

1

Execute

–x

2

Write

-w-

3

Execute + Write

-wx

4

Read

r–

5

Read + Execute

r-x

6

Read +Write

rw-

7

Read + Write +Execute

rwx

  • From the above image, the permission is "-rwxr-xr-x"

    -rwx--------->Owner has read, write and execute permission 4+2+1=7

    r-x----------->Group has read and execute permission 4+1=5

    r-x----------->Other has read and execute permission 4+1=5

If we want to change the permission for the directory and give only read and write permission.

  • Syntax:

    chmod permission <filename/directory name>

    chmod 666 node.ppk

  • chown- It is used to change the ownership permission of a file or directory.

  • chgrp- It is used to change the group permission of a file or directory.

    Read about ACL and try out the commands getfacl and setfacl

  • So basically ACL stands for Access Control List its advanced permission mechanism of the filesystem. It allows you to permit any user group to any resources.

  • If we want to give specific permission to a particular user which is not a member of the group we still want to give the read and write permissions here ACL comes into the picture.

    First, we need to install the ACL

    Command-sudo apt install -y acl

  •   sudo apt install -y acl
    
  • To set ACLs on a file or directory, you can use the setfacl command.

  • getfacl refers to get the file control access list.