Melhttps://unixcop.com
Unix/Linux Guru and FOSS supporter

FILE AND DIRECTORY PERMISSIONS AND OWNERSHIP

File and directory’s types of permissions available in Linux and their numeric representations?

File and directory’s point of view There are mainly three types of permissions available in Linux and those are,
read —– r —– 4 null permission —— 0
write —– w —– 2
execute —– x —– 1

What is syntax of chmod command with full options?

# chmod {options}{file/dir name} (to change the owner or permissions of the file/dir)

The options are, -c —–} changes
-f —–} silent (forcefully)
-v —–} verbose
-R —–} recursive (including sub directories and files)

To change the permissions the syntax is,

# chmod {who} {what} {which} {file name or directory}

user (u) add (+) read (4) or (r) “
group(g) remove(-) write (2) or (w) “
other (o) equal (=) execute (1) or (x) “

What is the syntax of chown command with full options?

# chown {options}{file name or directory} (to change the ownership of the file or directory)

The options are, -c —–} changes
-f —–} silent (forcefully)
-v —–} verbose
-h —–} no difference
-R —–} recursive (including sub directories and files)
-H —–} symbolic link to a directory (command line argument)
-L —–} symbolic link to a directory (all)
-p —–} do not traversechown {username} : {group name} {file name or directory name} (to change owner and group ownership of the file or directory)

What is syntax of chgrp command with full options?

# chgrp {options}{file name or directory} (to change group ownership of the file directory)

The options are, -c —–} changes
-f —–} silent (forcefully)
-v —–} verbose
-h —–} no difference
-R —–} recursive (including sub directories and files)
-H —–} symbolic link to a directory
-L —–} do not traverse-p —–} do not traverse

What are the default permissions of a file and directory?
The default permissions of a file = 6 6 6
The default permissions of a directory = 7 7 7

What is umask in linux?
The user file-creation mode mask (umask) is used to determine the file permissions for newly created files or directories. It can be used to control the default file or directory permissions for new files. It is a four-digit octal number. The umask value for normal user is 0002 and the umask value for root user is 0022.

So, the effected file permissions for normal users = 6 6 6 – 0 0 2 = 6 6 4.
The effected directory permissions for normal users = 7 7 7 – 0 0 2 = 7 7 5.
And the effected file permissions for root user = 6 6 6 – 0 2 2 = 6 4 4
The effected directory permissions for root user = 7 7 7 – 0 2 2 = 7 5 5

Syntax to edit umask

1. # umask {value} (to change the umask value temporarily)

2. # vim /etc/bashrc (open this file and change the umask value to effect the whole system)

3. # source /etc/bashrc (to updated the source file)

4. # vim .bashrc (open this file in user’s home directory and at last type as follows)

  umask {value} (save and exit the file)

# source .bashrc or logout and login again (to the system to effect that umask value)

  1. If the/etc/login.defs file is corrupted then new users will be added and can be assigned the passwords but users cannot login.

  2. If the /etc/login.defs file is deleted then new users cannot be added.

How change the permissions using numeric representation?

The values for read = 4, write = 2, execute = 1 and null = 0. The total value = 4 + 2 + 1 = 7

# chmod {no.}{no.}{no.}{file name or directory name}

Example : # chmod 7 7 4 file1 (to give read, write and execute to owner and read, write and execute to group and read permission to others)

# chmod 6 6 0 file2 (to give read and write to owner and read and write to group and null (0) permission to others)

Explain about set uid (suid)?

If we plan to allow all the users to execute the root users command then we go for set uid (suid).

It can be applied for user level and is applicable for files only.

a. # chmod u+s {file name} (to set the suid on that file)

b. # chmod u-s {file name} (to remove the suid from that file)

c. # ls -l (if ‘x’ is replaced with ‘s’ in owner’s level permissions that means suid is applied on that file)

 – r w s r w x r w x {file name} (here ‘s’ is called set uid or suid)

Example : # chmod u+s /usr/sbin/init 6 (then any user can restart the system using this command #init 6)

a. # chmod u+s /sbin/fdisk (then any user can run the fdisk command)

b. # strings {command name} (to read the binary language of the command ie., the string command converts the binary language into human readable language)

c. # strings mkfs (to read the mkfs command’s binary language into human readable language)

  Normally set uid (suid) permission will be given on scripting files only.

Explain about set gid (sgid)?

If we plan to allow all the users of one group to get the group ownership permissions then we go for set gid (sgid). It can be applied for group level and is applicable on directories only.

Example: # chmod g+s {directory name} (to set the sgid on that directory)

# chmod g-s {directory name} (to remove the sgid from that directory)

Explain about sticky bit?

It protects the data from other users when all the users having full permissions on one directory.

It can be applied on others level and applicable for directories only.

Example : # chmod o+t {directory name} (to set the sticky bit permission on that directory)

ls -ld {directory name}

dr w x r w x r w t {directory name} (where ‘t’ is called the sticky bit)

What is Access Control List (ACL)?

Define more access rights nothing but permissions to files and directories. Using Access Control list we assign the permissions to some particular users to access the files and directories.

ACL can cab be applied on ACL enabled partition that means you need to enable ACL while mounting the partition.

How to implement ACLs?

Create a partition and format it with ext4 filesystem.

Mount the file system with ACL.

Apply ACL on it.

Create a partition using # fdisk command.

Format the above partition with ext4 file system using # mkfs.ext4 <partition name> command.

 Create the mount point using # mkdir /<mount point> command.

 Mount that file system on the mount point using # mount -o acl <partition name><mount point>command.

 Mount the partition permanently using # vim /etc/fstab (open this file and make an entry as below)

 <partition name><mount point><file system type> defaults, acl 0 0

 Save and exit this file.

If the partition is already mounted then just add acl after defaults in /etc/fstab file and execute the below command

# mount -o remount <partition name>

How to check the ACL permissions?

# getfacl <options><file or directory name>

The options are, -d —–> Display the default ACLs.

 -R —–> Recurses into subdirectories.

How to assign ACL permissions?

# setfacl <options><argument> : <username>: <permissions><file or directory name>

 The options are, -m —–> Modifies an ACL.

 -x —–> Removes an ACL.

 -b —–> Remove all the ACL permissions on that directory.

 -R —–> Recurses into subdirectories.

 The arguments are,

 u —–> user

 g —–> group

 o —–> other

What is the syntax to assign read and write permissions to particular user, group and other?

for user # setfacl -m u : <user name> : <permissions><file or directory>

ACL for group # setfacl -m g : <user name> : <permissions><file or directory>

Others # setfacl -m o : <user name> : <permissions><file or directory>

What is the syntax to assign read and write permissions to particular user, group and other at a time?

1. # setfacl -m u : <user name> : <permissions>, g : <user name> : <permissions>, o : <user name> : <permissions><file or directory>

Useful commands :

2. # setfacl -x u : <user name><file or directory name> (to remove the ACL permissions from the user)

3. # setfacl -x g : <user name><file or directory name>(to remove the ACL permissions from group)

4. # setfacl -x o : <user name><file or directory name> (to remove the ACL permissions from other)

5. # setfacl -b <file or directory> (to remove all the ACL permissions on that file directory)

Please give your comments and suggestions below thank you.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest articles

x