Linux File Permission and ACL

Viewing File Permissions:

  1. We can use the ls command with the -l option to view detailed information about files and directories, including their permissions. For example:

The output shows that the file has read, write and execute permission for its owner only.

The first column represents the file type and permissions.

  1. File Permission Notation:

    The permissions are represented by ten characters, including the file type and the three sets of permissions for user, group, and others. For example:

    -rwx------

    The first character represents the file type (- for a regular file). The next three characters represent user permissions, the next three represent group permissions, and the last three represent other permissions.

  2. Symbolic Notation:

    You can change file permissions using the chmod command. The symbolic notation allows you to add or remove specific permissions. For example:

    chmod u+x filename # Add execute permission for the owner

    chmod go-rw filename # Remove read and write permissions for the group and others

  3. Numeric Notation:

    Another way to set file permissions is using numeric notation. Each permission has a numeric value (read = 4, write = 2, execute = 1). You can add these values to represent multiple permissions. For example:

    chmod 644 filename # Set read and write for user, read for group and others

  4. Changing Ownership:

    The chown command is used to change the owner of a file or directory. For example:

    chown newowner:newgroup filename

  5. Changing Group:

    The chgrp command is used to change the group ownership of a file or directory. For example:

    chgrp newgroup filename
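The two notations above describe the same bits, which makes it easy to check a file's mode after a chmod. The following is an added example, not part of the original post: a POSIX shell script that converts between the numeric and ten-character forms and flags files that group or others can write to. The function names are illustrative assumptions, and special bits (setuid, setgid, sticky) are out of scope.

```shell
#!/bin/sh
# Added example; function names are illustrative, not from the original post.
# Special bits (setuid, setgid, sticky) are not handled.

# mode_to_string TYPE OCTAL: "mode_to_string - 644" prints -rw-r--r--
mode_to_string() (
    out=$1
    for digit in $(printf '%s' "$2" | sed 's/./& /g'); do
        for bit in 4:r 2:w 1:x; do      # read = 4, write = 2, execute = 1
            if [ $(( $digit & ${bit%%:*} )) -ne 0 ]; then
                out=$out${bit##*:}
            else
                out=$out-
            fi
        done
    done
    printf '%s\n' "$out"
)

# string_to_mode STRING: "string_to_mode -rwx------" prints 700
string_to_mode() (
    mode=
    for range in 2-4 5-7 8-10; do       # user, group, others
        triplet=$(printf '%s\n' "$1" | cut -c"$range")
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; esac
        case $triplet in ??x) digit=$((digit + 1)) ;; esac
        mode=$mode$digit
    done
    printf '%s\n' "$mode"
)

# ls_mode PATH: first column of "ls -l", cut to ten characters so the
# trailing "+" that ls prints when an ACL is present is dropped
ls_mode() { ls -ld "$1" | cut -c1-10; }

# group_other_writable STRING: succeeds if group or others have write
group_other_writable() {
    case $1 in ?????w????|????????w?) return 0 ;; esac
    return 1
}

# Constructed demo on a throwaway file
f=$(mktemp)
chmod 666 "$f"
group_other_writable "$(ls_mode "$f")" && echo "$(ls_mode "$f"): writable beyond the owner"
chmod go-rw "$f"
echo "after chmod go-rw: $(ls_mode "$f") = $(string_to_mode "$(ls_mode "$f")")"
rm -f "$f"
```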

ACL:

Access Control Lists (ACLs) in Linux provide a more fine-grained and flexible way to manage permissions beyond the traditional owner, group, and others model. ACLs allow you to set permissions for specific users or groups on a file or directory. To use ACLs, your filesystem must support them (common in modern Linux distributions with ext2, ext3, ext4, and some others).

Here's an overview of how ACLs work and some common commands:

  1. Checking ACLs: To see the ACL of a file or directory, you can use the getfacl command.

  2. Setting ACLs: To set ACLs, you can use the setfacl command. The basic syntax is as follows:

    setfacl -m u:username:permissions filename

    • u: Specifies a user.

    • g: Specifies a group.

    • -m: Modifies the ACL.

  3. Removing ACLs: To remove an ACL entry, you can use the -x option with setfacl:

    setfacl -x u:username filename

  4. Default ACLs: Default ACLs are applied to newly created files and directories within a directory. You can set default ACLs using the -d option with setfacl or, as in this example, by prefixing the entry with default:

    setfacl -m default:u:username:permissions directory

  5. Removing All ACLs: To remove all ACLs from a file or directory, you can use the setfacl command with the -b option:

    setfacl -b /path/to/directory

Thank You!!

Happy Learning!!