As we have learned about users and groups in Linux, now is a good time to know about 'File System Permissions in Linux'. Let's see how Permission plays a crucial role in Linux systems.
πLearn Permissions in Linux:
we can check the permissions of files and directories using the
ls -l
command as shown below.-
Permissions for the app.log file and test directory are marked in yellow.
Let's break it down more:
We have three types of access:
Read (r): Allows a user to view the contents of a file or list the contents of a directory.
Write (w): Enables a user to modify the contents of a file or create/delete files in a directory.
Execute (x): Allows a user to execute (run) a file as a program or access contents within a directory if it is part of the path.
The first character refers to whether it is a file or directory, in the case of a file it will be '-', and in the case of the directory it will be 'd'.
-
Next, we have three categories to which we provide permission.
User/Owner: The user or owner category refers to the individual who created the file or directory. The owner has the highest level of control over the file, and their permissions are represented by the first three characters of the permission string. As the owner, they can modify permissions, read, write, and execute the file or directory.
Group: In Linux, users can be organized into groups to manage permissions more efficiently. A group may consist of multiple users who share similar permissions needs that we have learned in the previous article. The group category represents all users who belong to the same group as the owner of the file or directory. Group permissions are represented by the second set of three characters in the permission string.
Others: The others category includes all users who are neither the owner nor part of the group associated with the file or directory. The permissions for others are represented by the third set of three characters in the permission string.
In the below picture, we can see the app.log file has all the permissions for all three categories, i.e. rwx for the user, rwx for the group, and rwx for others, which means user, group, and others have all the read, write, and execute permission on the file app.log.
For the below directory test, the user(rwx) has all three permissions but the group(r-x) and others(r-x) have only read and execute permissions.
πHow we provide/change/set permissions:
- read(r) = 4
- write(w) = 2
- execute(x) = 1
to provide permissions to a category we just add the above value accordingly.
chmod
is the syntax/command to provide permissions to a file or directory. For example, file app.log has all the permissions to all three categories.Let's change the permission of the app.log to -rwxr-xr-x using the command
chmod 755 app.log
i.e. the user(rwx) has all three permissions but the group(r-x) and others(r-x) have only read and execute permissions.
πOwnership:
Apart from permission, we can find ownership in
ls -l
as shown in the above image.The
chown
command in Linux is used to change the ownership of files and directories. It allows you to transfer ownership from one user to another or change the group ownership of a file or directory. Only the root user and the current owner of a file or directory can use thechown
command to change ownership.Let's change the ownership of the file app.log from dipankar to testuser.
The
chgrp
command in Linux is used to change the group ownership of files and directories. It allows you to assign a new group to a file or directory, allowing members of the new group to access and work with the file or directory based on the group permissions.Let's change the group ownership of the file app.log from dipankar to devops.
ππ Conclusion:
Understanding file system permissions in Linux is vital for maintaining the security and integrity of a system. By learning about the three types of access β Read (π), Write (π), and Execute (πββοΈ), and the three categories β User/Owner (π§βπ»), Group (π₯), and Others (πΆββοΈ), users gain control over file access.
The 'ls -l' command helps us check and interpret permissions. π We can easily change permissions using the 'chmod' command, where each permission has a specific numeric value. Additionally, ownership of files and directories can be altered with 'chown' and 'chgrp' commands, ensuring data is accessible only to the right individuals or groups.
Mastering file system permissions empowers Linux users to protect their data, control access, and enhance system security. π‘οΈπ Whether working with files or directories, understanding these concepts is essential for efficient and secure Linux administration. π»π§
So, let's embrace this knowledge and continue our Linux journey with confidence! ππ