Day 6 : File Permissions & ACL's

Day 6 : File Permissions & ACL's

All About File Permissions & Access Control Lists

ยท

6 min read

๐Ÿ’ผFile Permissions

In Linux, each file and directory is like a treasure chest ๐ŸŽ with a lock ๐Ÿ”’, guarding its contents. These "file permissions" determine who can access, read, write, or execute the files.

There are three main types of permissions, each represented by a trio of letters:

  1. Read (r) ๐Ÿ“–: If a file has "read" permission, it's like having a window to peek inside the treasure chest. You can view the contents but cannot modify them.

  2. Write (w) โœ๏ธ: With "write" permission, you can modify or add new content inside the treasure chest. You can make changes but cannot view the content without 'read' permission.

  3. Execute (x) ๐Ÿƒโ€โ™‚๏ธ: Having "execute" permission is like having the power to open the treasure chest and use its secrets. This is crucial for running programs or accessing directories.

Now, we group people into three categories, much like different teams or roles:

  1. User (u) ๐Ÿ‘ค: Represents the file's owner, like the captain of the treasure chest. They can set permissions and do anything with the file.

  2. Group (g) ๐Ÿ‘ฅ: Includes users belonging to a specific team, like a group of explorers. They have the same permissions as the User (u).

  3. Others (o) ๐ŸŒ: Refers to everyone else, like the public. Their permissions are the third trio of letters.

So, if a file's permission is "rw-r--r--", it means the owner can read and write, the group can read, and others can only read.

For Example๐Ÿ’ผ:

Let's say you have a file named my_file.txt

  1. Check Permissions: Use ls -l <filename> to see the current permissions:

     ls -l my_file.txt
    
  2. Change Permissions: Use chmod command to modify permissions. For example, to give the owner write permission:

     chmod u+w my_file.txt
    
  3. Combining Permissions: You can also combine permissions. For instance, to give the owner read and execute permissions:

     chmod u+rx my_file.txt
    

To adjust file permissions, we have magic numbers ๐Ÿ”ข that represent different combinations of read (4), write (2), and execute (1):

  • 0๏ธโƒฃ: No permission

  • 1๏ธโƒฃ: Execute

  • 2๏ธโƒฃ: Write

  • 3๏ธโƒฃ: Write + Execute

  • 4๏ธโƒฃ: Read

  • 5๏ธโƒฃ: Read + Execute

  • 6๏ธโƒฃ: Read + Write

  • 7๏ธโƒฃ: Read + Write + Execute

By changing these numbers, we can customize file permissions similar to a locksmith ๐Ÿ”‘๐Ÿ”’

๐Ÿ›  chown,chmod & chgrp

In terms of Linux file management, you have total control over your computer files. You may modify the owner, group, and permissions of files and folders directly, making you the only moderator of your data ๐Ÿ‘ค๐Ÿ‘ฅ๐Ÿ”ง

'chmod' ๐Ÿฆพ

You can use this command to change file permissions, much like a digital wizard adjusting access levels to your treasures. It's the equivalent of giving out keys to read, write, or execute files, selecting who goes in and what they can do.

Think of chmod as the key to unlock specific doors for different users.

  1. Check Permissions: Use ls -l <filename> to see current permissions:

     ls -l my_file.txt
    
  2. Change Permissions: Use chmod to modify permissions. For example, to give the owner write permission:

     chmod u+w my_file.txt
    

'chgrp'๐Ÿ‘ฅ

With this command, you can change the group of a file, forming squads of users with shared access. Imagine putting your allies ๐Ÿ‘ฅ๐Ÿ›ก๏ธ in a team, granting them collective access to files and folders.

  1. Check Group: Use ls -l <filename> to see the current group:

     ls -l my_file.txt
    
  2. Change Group: Use sudo chgrp <new-group> <filename> to change the group:

     sudo chgrp newgroup my_file.txt
    

'chown' ๐Ÿ‘ค

This command lets you transfer ownership of files, like passing the authority to someone else. You can transfer ownership of your file to another user, giving them complete control and responsibility.

  1. Check Ownership: Use ls -l <filename> to see the current owner:

     ls -l my_file.txt
    
  2. Change Ownership: Use sudo chown <new-owner> <filename> to change ownership:

     sudo chown newuser my_file.txt
    

In summary, understanding file permissions in Linux empowers you to control access to your files and directories, ensuring the security and proper management of your digital treasures. ๐ŸŒŸ๐Ÿ—๏ธ๐Ÿ’ผ

๐Ÿ“‹ACL (Access Control List)

In Linux, file permissions act like a basic lock ๐Ÿ” on a treasure chest ๐ŸŽ, determining who can access the contents. But, ACL adds an extra layer of security and flexibility, like a keyring ๐Ÿ—๏ธ that grants precise access to specific users and groups.

ACL (Access Control List) is an addition to the standard user, group, and 'others' permissions, ACL allows you to create customized rules for individual users and groups, as per their needs. ๐ŸŒŸโœจ

For example: Imagine you have a document ๐Ÿ“„ with sensitive information. You want your trusted friend, Bob ๐Ÿ‘จ, to read and edit it, while Alice ๐Ÿ‘ฉ can only read. But you wish to keep it hidden from others ๐Ÿ‘ค๐ŸŒ.

With ACL, you can grant Bob and Alice their unique access privileges, like digital VIP passes! ๐Ÿ‘‘๐ŸŽŸ๏ธ You can even allow additional users or groups, making it highly versatile.

To apply ACL, think of the "getfacl" command as your magical crystal ball ๐Ÿ”ฎ. It shows you the existing ACL settings, revealing who can access the file and their specific permissions.

And to modify ACL, use the "setfacl" command ๐Ÿช„๐Ÿ”ง. It empowers you to add or remove users and groups, fine-tuning access to your digital treasures.

Let's dive into hands-on ACL usage with a file named important.doc.

  1. Check ACL: To see existing ACLs, use:

     getfacl important.doc
    
  2. Add ACL Entry: Use setfacl to add an ACL entry. For example, to grant read access to a specific user:

     setfacl -m u:username:r-- important.doc
    
  3. Modify ACL Entry: To modify an existing ACL entry, use:

     setfacl -m u:username:rw- important.doc
    
  4. Remove ACL Entry: To remove an ACL entry, use:

     setfacl -x u:username important.doc
    

Remember, ACL complements traditional file permissions, adding an extra layer of control and precision.

In summary, Access Control Lists (ACL) in Linux grant you the power to customize access to your files and directories, catering to specific users and groups. This ensures extra security and efficient management of your digital treasures. ๐ŸŒŸ๐Ÿ—๏ธ๐Ÿ”’

Conclusion๐ŸŽฏ

In conclusion, File permissions are like the main door lock, while ACL serves as a special keyring with additional VIP passes. ๐Ÿ”’๐Ÿ”‘ With file permissions, you have a standard set of keys for the owner, group, and others. With ACL, you create custom keys, allowing specific users and groups to access your digital treasures with precision and security. ๐ŸŒŸ๐Ÿšช๐Ÿ’ผ


โœ‰Endcard:

๐ŸŽ‰ Thank you for joining me on this insightful journey into the world of DevOps!

โค If you found this blog helpful and informative, don't forget to give it a like!

๐Ÿ”„ Share this valuable knowledge with your friends and colleagues, so they can also benefit from understanding the power of DevOps!

๐Ÿ‘‰ Stay updated with my latest posts and never miss out on exciting content! Click that Follow button to join and stay in the loop!

Follow me on Linkedin --> abdallah-qamar ๐Ÿ‘”

Stay tuned for Day 7...๐Ÿ‘‹

#DevOps #SoftwareDevelopment #Technology #FollowUs #LikeAndShare #StayInformed #90daysofdevops #linux ๐Ÿ“š๐Ÿ”๐ŸŒˆ

ย