File Permissions and Access Control Lists

Prabhakar YadavPrabhakar Yadav
2 min read

#90DaysOfDevOps

(1) Create a simple file and do ls -ltr to see the details of the files. Change the user permission of the file.

(2)Write an article about File permissions in Linux.

In Linux, Three types of users are there-

  • owner-The owner of the file or application.

  • group-The group that owns the file or application.

  • others-All users with access to the system. (outside the users are in a group).

File permissions in Linux for all three types of users:-

(i)Read permission: Read permission allow users to open and read the file only.

(ii)Write permission: This allows the user to make changes to the file.

(iii)Executable permission: This grants the user the ability to run an executable script.

We can find all file permission via the ls -ltr command. Below you can see the file permissions-

chmod is the command by which we can give permissions to the owner, group, and other users.

Symbolic mode

chmod u+x file1.txt

Absolute mode

chmod 777 file1.txt

(3) Read about ACL and try out the commands getfacl and setfacl.

Linux Access Control Lists (ACLs) were created to address situations like this one. ACLs give us the ability to give a file or directory a more specialised set of permissions without (necessarily) altering the default ownership and permissions. We were able to add access for additional people or groups.

setfacl command in Linux is used to set access control lists (ACLs) of files and directories. ACL helps to create an additional, more flexible permission mechanism for the file system. It allows us to provide permission for any user or group to any disk resource.

Whereas, getfacl command is used to get file access control lists. For each file, getfacl displays the file name, owner, group, and Access Control List (ACL). If a directory has a default ACL, getfacl also displays the default ACL.

The -m or --modify=acl options modify the current ACL of a file or directory. For example, to give read and write permission to user deepak:

setfacl -m u:deepak:rw file

0
Subscribe to my newsletter

Read articles from Prabhakar Yadav directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Prabhakar Yadav
Prabhakar Yadav