Linux Permissions!

Linux is a multiuser system, and everything in it is a file.

File ownership and permissions provide security at the file system level.

Users:

  • The person who creates a file/directory becomes its owner.
  • A user belongs to a default group, and can also be a member of any of the other groups on a server.

Types of Users in Linux:

  • system users: used to run non-interactive or background processes on a system.
  • regular users: used for logging in and running processes interactively.
  • superuser: i.e. the root user, who can override any file ownership and permission restrictions and has access to anything on its own server.
  • to view all of the users on a system, run cat /etc/passwd

Groups: a collection of zero or more users.

A group can have multiple users; set permissions on the group, and the users under it inherit those permissions.

  • to view all the groups and their members, run cat /etc/group

1. Ownership classes

Every file/directory has an owner.

a. user: The owner of a file; by default, the one who created it.

b. group: Users added to the group.

c. other: Users who do not belong to the user or group class, i.e. who neither created the file/directory nor belong to its group, but want to access it.

2. Ownership permissions

Linux can have multiple users accessing the system at the same time.

To avoid chaos and maintain strict privacy, permissions are defined.

Three permissions are defined for each ownership class.

a. read:

File: allows opening and reading the file.

Directory: allows listing its contents.

b. write:

File: allows modifying/deleting the file.

Directory: allows deleting the directory and adding, removing and renaming files stored in the directory.

c. execute:

File: allows running the file, i.e. executing a program or script.

Directory: allows accessing/traversing (cd) into the directory and making it your current working directory, and also accessing its content.

3. View Permissions

View file permissions: ls -al directory/file

 drwxrwxr-x  3 ashwini ashwini   4096 Aug  6 14:03 .
 drwxr-xr-x 15 ashwini ashwini   4096 Aug  6 14:03 ..
 -rw-rw-r--  1 ashwini ashwini    424 Jul 18 06:55 addfiles.yml
 -rw-rw-r--  1 ashwini ashwini     54 Aug  6 13:17 client.my.cnf.j2

drwxrwxr-x are the permissions.

d: stands for directory; if nothing (-), then it's a file.

r: read

w: write

x: execute

Notation representation:

  • the first character denotes either file or directory.
  • the remaining 9 characters are divided into three sets:

the first set represents user permissions.

the second set represents group permissions.

the third set represents other permissions.

  • ashwini ashwini: the user who owns it and the group it belongs to
  • 4096: size of the file or directory.
  • Aug 6 14:03: time it got created.
  • .: current directory
  • ..: parent directory
  • addfiles.yml: filename and its type.

note:

4. Change permissions of file using chmod


 0    No Permission             ---
 1    Execute                   --x
 2    Write                     -w-
 3    Execute + Write           -wx
 4    Read                      r--
 5    Read + Execute            r-x
 6    Read + Write              rw-
 7    Read + Write + Execute    rwx

Example:

Create a file: touch testing

permissions:

$ ls -l testing
-rw-rw-r-- 1 ashwini ashwini 0 Aug  7 06:33 testing

testing is a file with read and write permissions for both user and group, and read permission for other users.

Changing the file permissions based on the table:

$ chmod 740 testing
$ ls -l testing
-rwxr----- 1 ashwini ashwini 0 Aug  7 06:33 testing

The file has all permissions for the user only, read permission for the group and no permission for other.
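
The number table can be applied mechanically to the mode column of ls -l, which is handy for spotting files that other users can write to. The script below is an added example, not part of the original post: the helper names mode_to_octal and other_writable are hypothetical, and the scratch.txt line in the sample listing is constructed.

```shell
#!/bin/sh
# Added example: read the mode column of `ls -l` using the r=4, w=2, x=1 table.

# triplet_to_digit "rw-" prints 6: sum the values of the letters that are set.
triplet_to_digit() {
    d=0
    case $1 in r??) d=$((d + 4)) ;; esac
    case $1 in ?w?) d=$((d + 2)) ;; esac
    case $1 in ??x) d=$((d + 1)) ;; esac
    echo "$d"
}

# mode_to_octal "-rwxr-----" prints 740 (hypothetical helper name).
# Only the r/w/x/- notation covered on this page is accepted; anything else
# is rejected with a non-zero status.
mode_to_octal() {
    perms=$(printf '%s' "$1" | cut -c2-10)   # skip the file-type character
    case $perms in
        [r-][w-][x-][r-][w-][x-][r-][w-][x-]) ;;
        *) echo "unsupported mode: $1" >&2; return 1 ;;
    esac
    u=$(printf '%s' "$perms" | cut -c1-3)    # user set
    g=$(printf '%s' "$perms" | cut -c4-6)    # group set
    o=$(printf '%s' "$perms" | cut -c7-9)    # other set
    echo "$(triplet_to_digit "$u")$(triplet_to_digit "$g")$(triplet_to_digit "$o")"
}

# other_writable (hypothetical helper name): read `ls -l` lines on stdin and
# print "<octal> <name>" for every entry whose "other" set has the write bit.
other_writable() {
    while read -r mode _links _user _group _size _mon _day _time name; do
        oct=$(mode_to_octal "$mode" 2>/dev/null) || continue   # skip non-entries
        case $oct in
            ??[2367]) echo "$oct $name" ;;   # 2, 3, 6, 7 all include write
        esac
    done
}

# Constructed sample: lines from the listing above plus one made-up file
# (scratch.txt) that every user on the system can modify.
SAMPLE='drwxrwxr-x  3 ashwini ashwini   4096 Aug  6 14:03 .
-rw-rw-r--  1 ashwini ashwini    424 Jul 18 06:55 addfiles.yml
-rw-rw-rw-  1 ashwini ashwini     10 Aug  6 14:10 scratch.txt'

printf '%s\n' "$SAMPLE" | other_writable     # prints: 666 scratch.txt
```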

5. Change ownership of a file/directory using chown

Example:

  • created the group grouptesting
  • changed ownership to a different group: chown user:group file

$ ls -l testing
-rwxr----- 1 ashwini ashwini 0 Aug  7 06:33 testing
$ sudo groupadd grouptesting
$ sudo chown ashwini:grouptesting testing
$ ls -l testing
-rwxr----- 1 ashwini grouptesting 0 Aug  7 06:33 testing