π DevOps 1.1: Linux File Permissions Unveiled! ππ
Level up your Linux skills with DevOps 1.1! Master the art of file permissions. Let's dive into the world of Linux permissions! π»π
Table of contents
- The Fab Four basic permission! π»π:
- ππ Viewing Of File Permissions:
- ππ Changing Ownership: Master the Art of Ownership Transfers in Linux! π»π§
- πβ¨ Managing Permissions For Users, Groups, and Others in Linux! π»π§
- π’β¨ Managing Permissions: Numeric Method Unleashed in Linux! πͺπ
- Conclusionπ:
π File Permissions in Linux: Protecting Your Data! ππ
File permissions in Linux determine who can access, modify, or execute files and directories. They ensure data security and maintain system integrity. Understanding file permissions is crucial for effective Linux administration. Let's unravel the power of file permissions! π»ππ
In Linux, file permissions are represented by a set of three permissions for three different user categories: owner, group, and others.
The Fab Four basic permission! π»π:
Read (r): Allows users to view the contents of a file or list the files within a directory.
Write (w): Permits users to modify or update a file's content or create, rename, or delete files within a directory.
Execute (x): Grants users permission to run or execute a file as a program or access files within a directory.
-: No permission (in place of the r, w, or x).
ππ Viewing Of File Permissions:
ls -l /bin/login : File permission can be viewed using ls -l.
Let's decode the above resultππ‘:
-: First bit denotes the file type.
rwx: Next 3 bits are for the user of the file. (Here the user root has permission to read, write and execute.)
r-x: These 3 bits are for the groups. (Here the group root has permission to only read and execute)
r-x: Last 3 bits are for the others.
ππ Changing Ownership: Master the Art of Ownership Transfers in Linux! π»π§
chown -R ansible:devops /opt/devopsdir - chown command is used to change the ownership.
Note - R flag will recursively change the subdirectories ownership too to ansible and devops. (Be careful while using it).
As you can see root user and root group is changed to ansible and devops respectively.
πβ¨ Managing Permissions For Users, Groups, and Others in Linux! π»π§
chmod o-x /opt/devopsdir - chmod command is used to add or remove permissions. In the above command execute access is been removed for others.
Note - To add access use + instead of -. For group use g and for user use u. See the below example for more understanding.
[root@bazinga ~] ls -ld /opt/devopsdir/ # Current permissions
drwxr-xr-x. 2 ansible devops 6 Jul 7 06:19 /opt/devopsdir/
[root@bazinga ~] chmod o-x /opt/devopsdir # execute permission removed for others
[root@bazinga ~] ls -ld /opt/devopsdir/
drwxr-xr--. 2 ansible devops 6 Jul 7 06:19 /opt/devopsdir/
[root@bazinga ~] chmod o-r /opt/devopsdir # read permission removed from others
[root@bazinga ~] ls -ld /opt/devopsdir/
drwxr-x---. 2 ansible devops 6 Jul 7 06:19 /opt/devopsdir/
[root@bazinga ~] chmod g+r /opt/devopsdir # read permission added to the group
[root@bazinga ~] ls -ld /opt/devopsdir/
drwxr-x---. 2 ansible devops 6 Jul 7 06:19 /opt/devopsdir/
[root@bazinga ~] chmod g+w /opt/devopsdir # write permission added to the group
[root@bazinga ~] ls -ld /opt/devopsdir/
drwxrwx---. 2 ansible devops 6 Jul 7 06:19 /opt/devopsdir/
[root@bazinga ~] su - miles # switch to miles(other user) user
[miles@bazinga ~]$ ls /opt/devopsdir # miles is other user who cannot read this directory
ls: cannot open directory '/opt/devopsdir': Permission denied
[miles@bazinga ~]$ cd /opt/devopsdir # miles cannot go(execute) to that directory
-bash: cd: /opt/devopsdir: Permission denied
[miles@bazinga ~]$ touch /opt/devopsdir/test.txt # cannot write into the directory
touch: cannot touch '/opt/devopsdir/test.txt': Permission denied
[miles@bazinga ~]$ su - aws # switch to aws (it is in the devops group)
Password:
Last login: Wed Jul 5 06:52:47 PDT 2023 on pts/0
[aws@bazinga ~]$ id
uid=1003(aws) gid=1003(aws) groups=1003(aws),1006(devops) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[aws@bazinga ~]$ ls /opt/devopsdir # can access(read) the directory
[aws@bazinga ~]$ cd /opt/devopsdir # can enter(execute) to the directory
[aws@bazinga devopsdir]$ touch awsfiles # can write to the directory
[aws@bazinga devopsdir]$ cd ..
[aws@bazinga opt]$ ls -;
ls: cannot access '-': No such file or directory
[aws@bazinga opt]$ ls -l
total 0
drwxr-xr-x. 3 root root 17 Jun 6 04:16 dev
drwxrwx---. 2 ansible devops 22 Jul 8 06:05 devopsdir
[aws@bazinga opt]$ exit
logout
[miles@bazinga ~]$ exit
logout
[root@bazinga ~]
π’β¨ Managing Permissions: Numeric Method Unleashed in Linux! πͺπ
Uses a three digit mode number:
First digit specifies owner's permission.
Second digit specifies group permission.
Third digit represents others' permissions.
Permissions are calculated by adding:
4 (for read)
2 (for write)
1(for execute)
Example
chmod 640 myfile.txt
Conclusionπ:
In conclusion, understanding file permissions in Linux is π crucial for maintaining the security and integrity of your system. With the right permissions, you can control access to files and directories, ensuring privacy and preventing unauthorized modifications. So, π dive into the world of file permissions, master the art of access control, and safeguard your Linux environment! π»π