Day 6 Task: File Permissions and Access Control Lists🚀

Introduction📚
Welcome to Day 6 of the #90daysofdevops challenge. In this Blog, we will explore File permission and ownership in files and directories. also will learn how to apply ACL on files and directories. so let's explore the permissions in Linux.📝

File Permissions Overview📃
File permissions are core to the security model used by Linux systems.determine who can access files and directories on a system.

Linux File Ownership

Every file and directory on your Unix/Linux system is assigned 3 types of owner, given below.

User

A user is the owner of the file. By default, the person who created a file becomes its owner. Hence, a user is also sometimes called an owner.

Group
A user- group can contain multiple users. All users belonging to a group will have the same Linux group permissions access to the file. Suppose you have a project where a number of people require access to a file. Instead of manually assigning permissions to each user, you could add all users to a group, and assign group permission to file such that only this group members and no one else can read or modify the files.

Other

Any other user who has access to a file. This person has neither created the file, nor he belongs to a usergroup who could own the file. Practically, it means everybody else. Hence, when you set the permission for others, it is also referred as set permissions for the world.

Linux File Permission

Basically, there are three types of permission are there,

Read (r) - This permission give you the authority to open and read a file.📰

Write (w) - Write permission gives you the authority to modify the contents of a file. we can add, remove or modify the file.📝

Execute - Execute permission gives you authority to run the files.💻

To view the permission we can use ls -l and to modify the permission we use chown.

Task 1: Create a simple file and do ls -ltr to see the details of the files

File Permission in Linux

Check Permissions in Command-Line with Ls Command

Go to the command line, you can easily find a file’s permission settings with the ls command, used to list information about files/directories. You can also add the –l option to the command to see the information in the long list format.
To check the permission configuration of a file, use the command:

ls –l [file_name]

For instance, the command for the previously mentioned file would be:

ls –l test.txt

Using Chmod Command to Change File Permissions

As all Linux users, you will at some point need to modify the permission settings of a file/directory. The command that executes such tasks is the chmod command.
The basic syntax is:

chmod [permission] [file_name]

There are two ways to define permission:

using symbols (alphanumerical characters)
using the octal notation method

Define File Permission with Symbolic Mode
To specify permission settings using alphanumerical characters, you’ll need to define accessibility for the user/owner (u), group (g), and others (o).

Type the initial letter for each class, followed by the equal sign (=) and the first letter of the read (r), write (w) and/or execute (x) privileges.

To set a file, so it is public for reading, writing, and
executing, the command is:

chmod u=rwx,g=rwx,o=rwx [file_name]

To set permission as in the previously mentioned test.txt to be:
• read and write for the user
• read for the members of the group
• read for other users
Use the following command:

chmod u=rw,g=r,o=r test.txt

nstead of letters, the octal format represents privileges with numbers:

read has the value of 4

w(rite) has the value of 2

execute has the value of 1

no permission has the value of 0

The privileges are summed up and depicted by one number. Therefore, the possibilities are:

7 – for read, write, and execute permission

6 – for read and write privileges

5 – for read and execute privileges

4 – for read privileges

As you have to define permission for each category (user, group, owner), the command will include three (3) numbers (each representing the summation of privileges).

For instance, let’s look at the test.txt file that we symbolically configured with the chmod u=rw,g=r,o=r test.txtcommand.

The same permission settings can be defined using the octal format with the command:

chmod 644 test.txt

Access Control Lists Command (ACL )

Access Control List command provides an additional more flexible permission mechanism for file system. ACL is a Service which is used for providing special permission to specific user and group to a particular directory and files.

The two main ACL command are ⚙getfacl and setfacl🐱‍🏍

The Getfacl command is used to retrieve the ACLs of a file or directory. It shows the detailed ACL entries and their associated permissions for specific users and groups.

getfacl cron.txt
#first we need to install acl using: sudo apt install acl

The setfacl command is used to set or modify ACLs on a file or directory. It allows you to define specific access permissions for individual users or groups.

setfacl -m g::rwx cron.txt
#Here we are adding read,write and execute permission to group and the file name is cron