Day -6: File Permissions and Access Control Lists

Understanding File Permissions in Unix/Linux

---

File permissions are a crucial aspect of Unix/Linux systems, ensuring that files and directories are accessed and modified securely. In this blog, we'll delve into file permissions, how to modify them, and explore advanced concepts like ACL, sticky bit, SUID, and SGID. Let's get started! 🚀

---

1. Understanding File Permissions

Create a Simple File and Check Permissions

First, create a simple file and check its permissions using ls -ltr.

touch example.txt
ls -ltr example.txt

📸 Screenshot:

File Permission Categories

Each of the three permissions (read, write, execute) is assigned to three categories of users:

• Owner: The file's owner.

• Group: The group associated with the file.

• Others: All other users.

---

2. Changing Ownership and Group

Change Ownership Using chown

Change the ownership of a file using chown.

sudo chown new_owner example.txt
ls -ltr example.txt

📸 Screenshot:

Change Group Using chgrp

Change the group of a file using chgrp.

sudo chgrp new_group example.txt
ls -ltr example.txt

📸 Screenshot:

---

3. Changing Permissions Using chmod

Change Permissions for Others

Modify permissions for others using chmod.

chmod o+w example.txt
ls -ltr example.txt

📸 Screenshot:

---

Task: Change User Permissions and Note Changes

Change user permissions of the file and note the changes.

chmod u+rwx example.txt
ls -ltr example.txt

📸 Screenshot:

---

4. Writing an Article on File Permissions

Based on our understanding:

• File permissions ensure secure access and modification of files.

• Ownership can be modified using chown and chgrp.

• Permissions for owner, group, and others can be changed using chmod.

---

5. Access Control Lists (ACL)

Reading About ACL

Access Control Lists (ACL) provide more fine-grained control over file permissions.

Try getfacl and setfacl Commands

1. Create a Directory and Set ACL Permissions

mkdir acl_directory
setfacl -m u:username:rwx acl_directory

2. Verify Permissions Using getfacl

getfacl acl_directory

📸 Screenshot:

---

Additional Tasks

1. Script to Change Permissions of Multiple Files

Create a script to change permissions of multiple files based on user input.

#!/bin/bash

echo "Enter directory path:"
read dir_path
echo "Enter permissions (e.g., 755):"
read permissions

for file in $dir_path/*; do
  chmod $permissions $file
done

echo "Permissions changed for all files in $dir_path."

📸 Screenshot:

2. Script to Set ACL Permissions for a User

Create a script to set ACL permissions for a user on a given file.

#!/bin/bash

echo "Enter file path:"
read file_path
echo "Enter username:"
read username
echo "Enter permissions (e.g., rwx):"
read permissions

setfacl -m u:$username:$permissions $file_path

echo "ACL permissions set for $username on $file_path."

📸 Screenshot:

---

6. Understanding Sticky Bit, SUID, and SGID

Sticky Bit

Used on directories to restrict deletion of files.

mkdir sticky_dir
chmod +t sticky_dir
ls -ld sticky_dir

📸 Screenshot:

SUID (Set User ID)

Allows users to run an executable with the file owner's permissions.

sudo chmod u+s /path/to/executable
ls -l /path/to/executable

📸 Screenshot:

SGID (Set Group ID)

Files created in the directory inherit the group of the directory.

mkdir sgid_dir
chmod g+s sgid_dir
ls -ld sgid_dir

📸 Screenshot:

---

7. Backup and Restore Permissions

Backup Script

Create a script to back up current permissions of files in a directory.

#!/bin/bash

dir_path="/path/to/directory"
backup_file="permissions_backup.txt"

getfacl -R $dir_path > $backup_file

echo "Permissions backed up to $backup_file."

📸 Screenshot:

Restore Script

Create a script to restore permissions from the backup file.

#!/bin/bash

backup_file="permissions_backup.txt"

setfacl --restore=$backup_file

echo "Permissions restored from $backup_file."

📸 Screenshot:

---

Conclusion

Understanding and managing file permissions is crucial for system security and integrity. By mastering these concepts and tools, you can ensure that your Unix/Linux systems are secure and well-maintained. Happy scripting! 🎉