A part of File Permissions was previously covered in my blog, please have a look here --> file_permissions
Now we will continue the remaining part of it.
Here, we will be working on Linux permissions and ownership and will do tasks on both of them. Let us start with the Permissions.
Create a simple file and do
ls -ltr
to see the details of the filesHere,
ls
is used to list all the contents within a directory.ls -l
is used to list the contents of a directory in a detailed or long format. When you run thels -l
command, it displays the file or directory name, permissions, owner, group, size, and creation/modification date for the contents.ls -lt
is used to list files and directories in the current working directory in a long format sorted by modification time, with the most recently modified file or directory appearing at the top of the list.ls -ltr
is used to list files and directories in a directory in a long format, sorted by modification time with the latest modification time at the bottom of the list.
Change owner_ship
chown
is used to change the ownership permission of a file or directory.
use sudo chown another_user_name file/folder_name
command.
Here, in the below example my,
another_user_name is (cronuser)
file/folder_name is (d2)
Before changing ownership.
After changing ownership.
Change Group
chgrp
is used to change the group permission of a file or directory.
use sudo chgrp group_name file/folder_name
command.
Here, in the below example my,
group_name is (cronuser)
file/folder_name is (d2)
After using the above command
Change permissions
use chmod a-r file/folder_name
command to remove read access to it.
Here, is the final changes that occurred on the directory (d2)
BEFORE
AFTER
Check here about--> File Permissions
Read about ACL and try out the commands
getfacl
andsetfacl
What is ACL?
It allows you to give more specific set of permission to a file or directory without changing the basic ownership and permissions.
setfacl
setfacl
enables you to grant or deny specific permissions to users or groups beyond the traditional read, write, and execute permissions available in Linux file systems.setfacl
can be used to set default permissions that apply to all new files and directories created within a particular directory.setfacl
is useful in multi-user environments where multiple users need to access the same files or directories, but with different levels of permission. ACLs can be set up to allow or deny access on a per-user or per-group basis.
getfacl
Retrieves ACLs: The primary purpose of "getfacl" is to retrieve the access control lists (ACLs) for files and directories. This allows you to see which users and groups have been granted specific permissions, such as read, write, or execute.
Provides detailed information: When you use "getfacl", it provides you with a detailed list of the current ACLs for a particular file or directory. This includes information such as the user or group associated with each ACL, the type of permission granted, and any special options that have been set.
Commands of ACL
setfacl and getfaclCommands used for setfacl are:
setfacl -m u:user:rwx targetfile
For adding the permission for the user
setfacl -m g:group:rwx targetfile
For adding permission to the groupsetfacl -x u:user:rwx targetfile
To remove a specific entry
setfacl -b targetfile
To remove all entriesThe command used for getfacl is:
getfacl file/folder_name
DEMO:
First, create a user and typegetfacl filename
Now, set permission for useracl using
setfacl
command as shown below.Here, we can see that useracl is given only read & write permission.
Now just typels -l acl.txt
we can see a + sign, which means ACL is used here. And the other user useracl can read & write in the file.
Thank you so much for reading.
Follow me at LinkedIn to see interesting posts like this : )