Day 6 : File Permissions and Access Control Lists

Divyansh JainDivyansh Jain
3 min read

Table of contents

🌟Introduction🌟

The #90DaysOfDevOps challenge is already on Day 6! We'll dive into File Permission and Access Control today and discuss how DevOps engineers might benefit from it.

File Permission

In Linux, every file and directory comes with a set of permissions that control who can access, modify, or execute them. These permissions are crucial for maintaining security and ensuring that only authorized users can interact with files and directories.

Understanding Basic File Permissions and ownership in Linux – The Geek Diary

Managing Permission Types

Linux file permissions are represented by three sets of permissions: read (r), write (w), and execute (x). Each set of permissions applies to three different groups: the owner of the file, the group associated with the file, and everyone else (others).

When you list files using the ls -l command, you'll see string like this: -rw-r--r--, which indicates the permissions for each group, respectively.

Look at the permission, the last three alphabet shows the permission for users(others) and it has only read permission. Let's assign write and execute permission to the user,

chmod u+wx hello

Additionally, we can change file permissions by numbers, Below command will change file permission of other to nil and user & group to full.

chmod 770 hello

Understanding Linux & Drupal File Permission System | Simple Information Inc.

This Image will explain to you how each file permission has different numbers associated.

Access Control Lists (ACLs):

🚪 ACL (Access Control Lists) 🚪 provide a powerful way to enhance file and directory permissions beyond the traditional 🔐 user-group-other 🔐 model. With ACLs, you can grant or restrict access to specific users or groups with more fine-grained control, giving you the flexibility to manage security in a sophisticated manner.

Note: You might need to install "acl" package as by default it is not available

Sudo apt install acl

The getfacl and setfacl commands are used to view and modify ACLs, respectively. For example:

getfacl hello

Now for using setfacl example for that we will create a new user and then add that to our file permission.

As you can see in screenshot now new user also has the permission to file hello.

Conclusion

A DevOps engineer must handle servers and security, so the information mentioned above is crucial. Additionally, if a new team member joins, give him the proper access and add him to a group.

Therefore, I urge you to give it a shot on your own and share what you learn in the comments area.

Gratitude for reading Keep checking back for more fantastic blogs.

Cheers to learning!

1
Subscribe to my newsletter

Read articles from Divyansh Jain directly inside your inbox. Subscribe to the newsletter, and don't miss out.

DevopsDay6#90daysofdevopsLinuxdivyanshjain

Written by

Divyansh Jain
Divyansh Jain

I'm a DevOps Engineer with over 3+ years of experience.