Day 6 Task: File Permissions and Access Control Lists

Day 6 Task: File Permissions and Access Control Lists

This article is more about reading, learning and implementing file permission in Linux. Here, I am explaining on Linux permissions and ownership and will do tasks on both of them. Let us start with the Permissions.

How to check file permission in Linux

ls -l using this command file permission can be checked.

There’s a lot of information in those lines.

  1. The first character = ‘-‘, which means it’s a file ‘d’, which means it’s a directory.

  2. The next nine characters = (rw-r–r–) show the security

  3. The next column shows the owner of the file. (Here it is root)

  4. The next column shows the group owner of the file. (Here it is root which has special access to these files)

  5. The next column shows the size of the file in bytes.

  6. The next column shows the date and time the file was last modified.

  7. Last Column = File_name or Directory_name. (For example, here are: firstfie.txt, secondfile.txt example)

  1. Owners: These permissions apply exclusively to the individuals who own the files or directories.

  2. Groups: Permissions can be assigned to a specific group of users, impacting only those within that particular group.

  3. All Users: These permissions apply universally to all users on the system, presenting the highest security risk. Assigning permissions to all users should be done cautiously to prevent potential security vulnerabilities.

chown : is used to change the ownership permission of a file or directory.

In above example we can see first user is been created then after creating user file ownership is assigned to created user " changed ownership of firstfie.txt from ubuntu to ishtiyaq.

chgrp: is used to change the group permission of a file or directory.

Here, using sudo chgrp devgroup firstfie.txt command, group of file has changed. and after changing group executed ls -l command to check. There we can changed username and group name in first row.

chmod: is used to change the other users permissions of a file or directory.

Above example, we can see how we have used chmod command and octal no to changed the file permission. there are different way we can change the file permission using chmod command.

Access Control Lists(ACL) in Linux

Use of ACL :

Think of a scenario in which a particular user is not a member of group created by you but still you want to give some read or write access, how can you do it without making user a member of group, here comes in picture Access Control Lists, ACL helps us to do this trick.

Basically, ACLs are used to make a flexible permission mechanism in Linux.

From Linux man pages, ACLs are used to define more fine-grained discretionary access rights for files and directories.

getfcl :To view the Access Control List for a file or directory, use getfacl command.

e.g. To view the ACLs for the file /etc/passwd

setfcl: setfacl stands for Set File Access Control List. It is a command utility tool for setting access control lists in files and directories. setfacl is a powerful tool for managing file permission based on respective Users and Groups rather than general file permission.

setfacl -option file_owner:file_permission filename