Day 6: Linux File Permissions

Day 6: Linux File Permissions

As a DevOps engineer, file permission helps in keeping things secure, automated, and easy to work on together.

Permissions of a file tell what actions can be performed on the file by different users or groups.

  1. To check the permission configuration of a file.

    We can check the configuration of a file using these commands ls -l file, ll file ls -ll file or ls ltr file. All the commands are used for viewing the permission of a file.

    1. Here first dash(-) shows the type of file.

    2. Three types of permission r(read),w(write), and x(execute).

    3. "rw-rw-r--" shows permission for the file in which the

      -> First rw- tells about the permission to the user of the file(u).

      -> Second rw- tells about the permission to whom owing the group(g).

      -> Third r-- tells about the permission to others/public(o).

    4. 1 tells about how many links of this file.

    5. The first "ubuntu" shows the owner of the file and the second "ubuntu" shows who is owing the group.

    6. The date and time show the last modification time of the file.

    7. In the last, it shows the file name.

There are two ways of permitting the file :

(i) Symbolic (ii) Octal/numerical

Symbolic:

In this, we assign the permission with the "+" symbol and revoke the permission using the "-" symbol.

a=r It will give only read permission to all the users, groups, and others.

a=rwx It means all the permission to all the users, groups, and the public.

Let's practice some of the commands

chmod: It allows the user to change or modify the file permission.

chmod a=r it will change the permission to read-only.

Note: Blanks(-) shows no permission.

By using chmod u+w file It will assign write permission to the user.

By using chmod go+x file it will assign execute permission to the group and others. After getting execute permission file will show in green color.

We can also do this from chmod g+x,o+x file command.

By using this chmod u+w,g+w,o+w file it will assign write permission to the "user", execute permission to the "group", and write permission to the others.

By using chmod go-x file it will revoke execute permission for the group and others.

Octal/numerical

The octal value of r=4, w=2, x=1, and for the no permission value is 0.

By summing their value we can simply use one number.

For read, write, and execute value is 7.

For read and write value is 6.

For read and execute value is 5.

For read-only value is 4.

For write and execute value is 3.

For write-only value is 2.

For execute-only value is 1.

for example, if we are giving chmod 541 file it means we are giving the value "5" to "user" which means the user has only read and execute permission. Value "4" to the one who owes the "group" which means the group has only write permission. Value "1" to the "others" which means other have only execute permission.

Let's do some hands-on:

  1. Presume that file1 with read permission for the owner, owning group, and others.

    Here we create one file after that view the permission of the file using ls -ltr command and after that change its permission to read-only according to the question using chmod 444 file1 .

    Note: For read=4,write=2, and execute=1

  2. Add the execute permission for the owner and show the output of ll to verify.

    Here we use chmod 544 file1 command so that it can add execute permission along with read permission to the owner of the file.

  3. Add the write permission for group members and the public and verify.

    Here we use chmod 566 file1 command so that it can add write permission to the group and others along with previous permissions.

  4. Remove the write permission for the public and confirm.

    Here we use chmod 564 file1 command so that it can remove write permission from the public and keep all other rest permissions.

  5. Assign read, write, and execute permissions to all three user categories and validate.

    Here we use chmod 777 file1 command so that it can give all permission to the owner, group, and others.

  1. For changing the ownership of the file.

    chown: It is used for changing the ownership of the file.

    Step 1: First we create one user using the command sudo useradd Mohan .

    Step 2: Second we create one file and see the permission.

    Step 3: Third we can see that file.txt has ownership of Ubuntu.

    Step 4: Fourth we write sudo chown Mohan file.txt command. It will change the ownership to Mohan.

  2. To change the ownership of the group.

    chgrp: It is used for changing the group of a file that it belongs to.

    Step 1: First we create a group using the command sudo groupadd test.

    Step 2: Second we check the permission of our file to which group it belongs.

    Step 3: Third we change the group using the command sudo chgrp test file.txt. It will change the group of file.txt from Ubuntu to test.

Summary

In this blog, we see the file permissions concept in detail. It helps in keeping everything safe and running smoothly while we work together to build and deploy software. We do some hands-on practicals related to file permission.