🚀 Day 6 Task: File Permissions and Access Control Lists



๐Ÿ“File permissions

File permissions in Linux are represented by a set of three characters for the owner, three characters for the group, and three characters for others. Each character represents the access rights for the corresponding user category.


๐Ÿ“Access Control Lists (ACLs):

ACLs provide a more granular level of control over file permissions. They allow you to set specific permissions for multiple users or groups beyond the standard owner, group, and other categories. ACLs are an extension of the traditional permission system and can be used in conjunction with it.


๐Ÿ“ Task ๐Ÿ“

๐Ÿ“ŒCreate a simple file and do `ls -ltr` to see the details of the files [refer to Notes](github.com/LondheShubham153/90DaysOfDevOps/..)

Each of the three permissions is assigned to three defined categories of users. The categories are:

  • owner - The owner of the file or application. chown is used to change the ownership of a file or directory.

  • group - The group that owns the file or application. chgrp is used to change the group ownership of a file or directory.

  • others - All other users with access to the system (users who are neither the owner nor members of the group). chmod is used to change the permissions of a file or directory for each of these categories, including others.

    Task: Change the user permissions of the file and note the changes in the `ls -ltr` output.

The user permissions are changed with:

chmod 755 notes

Each digit of 755 is the sum of the following values, with one digit each for owner, group, and others:

  • 4 for read permission (r),

  • 2 for write permission (w),

  • 1 for execute permission (x).


๐Ÿ“Write an article about File Permissions.

File permissions in Linux are a fundamental aspect of maintaining security and controlling access to files and directories. They dictate who can read, write, and execute files, helping to safeguard sensitive data and ensure proper system operation in a multi-user environment. In this guide, we'll explore file permissions in Linux, the different permission types, and how to manage them effectively.

๐Ÿ‘‰๐ŸผFile Permission Basics

In Linux, each file and directory has three categories of users associated with it:

  1. Owner: The user who created the file or directory is its owner. The owner has complete control over the file and can change its permissions and attributes.

  2. Group: Each file is associated with a primary group. Users who belong to this group have specific permissions for the file. Group permissions are useful when multiple users require similar access levels to specific files.

  3. Others: Users who are not the owner or part of the group fall under this category. The "others" category encompasses all remaining users on the system.

Each user category can have three types of permissions:

  • Read (r): Allows users to view the content of a file or list the contents of a directory.

  • Write (w): Permits users to modify the contents of a file or create, rename, or delete files within a directory.

  • Execute (x): Enables users to run executable files (scripts or binary executables) or traverse a directory (to access its contents).

๐Ÿ‘‰๐ŸผFile Permission Notation

File permissions in Linux are represented using a three-character string for each user category. The characters are denoted by r, w, and x for read, write, and execute permissions, respectively. An additional - character represents missing permission.

The order of the characters is as follows: owner, group, others. For instance, the permission string rw-r--r-- indicates that the owner has read and write permissions, while the group and others only have read permissions.

๐Ÿ‘‰๐ŸผNumeric Notation

Linux also provides a numeric notation for file permissions. In this system, each permission is assigned a numeric value:

  • 4 for read permission (r),

  • 2 for write permission (w),

  • 1 for execute permission (x).

To express permissions, add the numeric values for each user category:

  • Read and write (4 + 2 = 6),

  • Read-only (4),

  • Read and execute (4 + 1 = 5),

  • Write and execute (2 + 1 = 3),

  • No permissions (0).

👉🏼 Changing File Permissions

To change file permissions, use the chmod command. The command can take both numeric and symbolic notation. For instance:

  • chmod 644 file.txt sets read and write permissions for the owner and read-only permissions for the group and others.

  • chmod u+x script.sh adds execute permission for the owner on the script file.

  • chmod go-rw file.txt removes read and write permissions for both the group and others.
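
The numeric notation and the three chmod examples above can be checked against each other. The script below is an added example, not part of the original post: it converts a symbolic permission string to its numeric form and applies the three chmod commands to a scratch file. The function names are illustrative and GNU coreutils `stat` is assumed.

```shell
#!/bin/sh
# Added example: numeric notation checked against what chmod really sets.
# Assumes GNU coreutils `stat` (the -c option).

# sym_to_octal STRING -> numeric mode for a 9-character permission string,
# e.g. rw-r--r-- -> 644. Returns 1 for anything that is not three groups
# of [r-][w-][x-] (so special bits such as "s" or "t" are rejected).
sym_to_octal() {
    s=$1
    out=""
    [ "${#s}" -eq 9 ] || return 1
    while [ -n "$s" ]; do
        rest=${s#???}            # everything after the first three characters
        triad=${s%"$rest"}       # the first three characters
        case $triad in [r-][w-][x-]) ;; *) return 1 ;; esac
        d=0
        case $triad in r??) d=$((d + 4)) ;; esac   # read
        case $triad in ?w?) d=$((d + 2)) ;; esac   # write
        case $triad in ??x) d=$((d + 1)) ;; esac   # execute
        out="$out$d"
        s=$rest
    done
    printf '%s\n' "$out"
}

# chmod_walk DIR -> apply the three chmod examples from the text to a fresh
# file and print "<chmod argument> <symbolic> <numeric>" after each one.
chmod_walk() {
    f="$1/file.txt"
    : > "$f"
    for arg in 644 u+x go-rw; do
        chmod "$arg" "$f" || return 1
        sym=$(stat -c '%A' "$f")
        sym=${sym#?}             # drop the leading file-type character
        printf '%s %s %s\n' "$arg" "$sym" "$(sym_to_octal "$sym")"
    done
}

tmp=$(mktemp -d)
chmod_walk "$tmp"
rm -rf "$tmp"
```

The symbolic forms (u+x, go-rw) change only the bits they name, so the result depends on the mode the file had before; the numeric form always sets all nine bits at once.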


๐Ÿ“Read about ACL and try out the commands `getfacl` and `setfacl`

Access Control Lists (ACL) in Linux are an extension of the traditional file permissions system. ACLs provide a more fine-grained level of control over file and directory access by allowing you to assign specific permissions to individual users or groups beyond the primary owner and group.

Standard file permissions in Linux provide three levels of access (read, write, and execute) for three user categories (owner, group, and others). However, there are situations where you might need to grant additional permissions to specific users or groups, without changing the primary group or adding users to the primary group.

With ACLs, you can define multiple access entries for a file or directory, each specifying a particular user or group along with their respective permissions. This enables you to create more complex permission setups and grant access rights more flexibly.

  1. getfacl Command: The getfacl command is used to display the Access Control Lists (ACLs) for files and directories. The output provides information about the access entries and their associated permissions.

Syntax:

getfacl filename_or_directory

Example:

getfacl /day06/file.txt

This command will display the ACL entries and associated permissions for "file.txt".

  2. setfacl Command: The setfacl command is used to modify the Access Control Lists (ACLs) for files and directories. You can add or modify access entries to grant specific permissions to users or groups.

Syntax:

setfacl -m u:user:permissions filename_or_directory

Here:

  • -m: Modifies the ACL by adding or modifying entries.

  • u:user: Specifies the user for whom you want to set the permissions.

  • permissions: Specifies the desired permissions for the user.

Example:

setfacl -m u:john:rw /day06/file.txt
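
ACL entries interact with the traditional permission bits through the ACL mask: once a file has an ACL, the group digit given to chmod sets the mask, and the mask caps what every named user or group entry can actually do. The script below is an added example, not part of the original post. It uses the constructed placeholder UID 4242 in place of a named user such as john, and the function names are illustrative.

```shell
#!/bin/sh
# Added example (not from the original post). UID 4242 is a constructed
# placeholder standing in for a named user such as "john".

# acl_entry FILE -> print the ACL line for UID 4242 (-n keeps IDs numeric)
acl_entry() {
    getfacl -n "$1" 2>/dev/null | grep '^user:4242:'
}

# acl_mask_demo DIR -> grant rw through an ACL, tighten the file with chmod,
# then remove the entry, printing the entry after each step.
# Returns 2 when the ACL tools or filesystem support are not available.
acl_mask_demo() {
    command -v setfacl >/dev/null 2>&1 || return 2
    command -v getfacl >/dev/null 2>&1 || return 2
    f="$1/file.txt"
    : > "$f"
    chmod 640 "$f"
    setfacl -m u:4242:rw "$f" 2>/dev/null || return 2
    echo "after setfacl: $(acl_entry "$f")"
    # On a file that has an ACL, the group digit of chmod sets the ACL mask.
    # The entry still reads rw-, but getfacl reports what is effective.
    chmod 600 "$f"
    echo "after chmod 600: $(acl_entry "$f")"
    # Remove the entry once the extra access is no longer needed.
    setfacl -x u:4242 "$f"
    echo "after setfacl -x: $(acl_entry "$f" || echo none)"
}

tmp=$(mktemp -d)
acl_mask_demo "$tmp" || echo "ACL tools or filesystem support missing"
rm -rf "$tmp"
```

When reviewing access, read the `#effective:` comment in the getfacl output rather than the entry alone, and note that `ls -l` marks files carrying an ACL with a trailing `+`.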

🌟 Conclusion:

Congratulations! 🎉 You have worked through File Permissions and Access Control Lists. File permissions control access to a file or directory for the owner, group, and others. ACLs provide a more granular level of control over file permissions. We hope this blog has answered your questions. 🚀 Embrace the Shell power and have fun with your Shell Scripting journey! 💪

Did you find this blog helpful? Let us know in the comments below! 👇 And if you have any questions or need further assistance, we're here to help! 🤗

Happy Learning! 💻✨
