Access Control in Linux Environment - BunksAllowed

Access Control in Linux Environment

Access control is an important feature of Linux. In a Linux environment, a file has three types of owners: user, group, and other.
  • User: In a Linux environment, multiple user accounts may exist, and a user can create, delete or modify a file. By default, the user who creates a file becomes its owner.
  • Group: A group can contain multiple users. Access permission on a file given to a group is assigned to all the members of the group.
  • Other: Anyone who has access to a file but is neither its user owner nor a member of its group comes in this category.
Users and groups are managed in the /etc/passwd and /etc/group files of the operating system.

If you run the ls -lh command, the files and directories will be listed with ownership details.

To know the local user accounts of a system, you can run cut -d: -f1 /etc/passwd | column

Group change

The chgrp command is used to change the group owner of a file.
Remember that only the root user has permission to change the owner or group of files.
The syntax is chgrp <newGroup> <fileName>

Owner change

The owner of a file can be changed using the chown <newOwner> <fileName> command.
If you want to change the owner and group together, you can use chown <newOwner>:<newGroup> <fileName>.

File Permissions

In a Linux system, users have three types of access permissions. These are shown below:
  • Read (r): The read permission allows a user to open and read the content of a file (e.g., with the cat command) and the content of a directory (e.g., with the ls command).
  • Write (w): The write permission allows a user to edit, remove or rename a file. If write permission is set on a file but not on the directory that contains it, the user can edit the content of the file, because write permission is given on the file, but can't remove or rename it, because write permission is not given on the directory where the file exists.
  • Execute (x): A user can't run a program unless execute permission is set on it. If execute permission is not set on a directory, the user can't enter the directory using the cd command.
If you run ls -l, you will see ten characters (-rw-rw-r--) before the user owner. The nine characters after the first one represent the file permissions. For example, the file permission -rwxrw-r-- means that read, write and execute permission is granted to the user, read and write permission is granted to the group, and only read permission is granted to others.

Permission change

To change the permissions, you can use the chmod command as chmod <class><+|-><permission> <fileName>, where the class is u (user), g (group) or o (other):
chmod u+x file 
chmod g-x file 
chmod u-w file 
Instead of using r, w, or x, you can also use the octal form of permissions. For example, instead of rwxrw-r-x, you can use 765.
In binary form, 7=111, 6=110 and 5=101. This means that read, write and execute permission is assigned to the user, read and write permission is assigned to the group, and read and execute permission is assigned to others.
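
The mapping between the ls -l permission string and the octal form can be checked mechanically. The script below is an added example, not part of the original tutorial: perm_to_octal, file_octal and demo are names chosen here, and it treats the setuid, setgid and sticky characters (s, t), which this page does not cover, as unsupported input.

```shell
#!/bin/sh
# Added example: helper names (perm_to_octal, file_octal, demo) are hypothetical.

# Convert an ls -l permission string (with or without the leading
# file-type character) to its three octal digits: r=4, w=2, x=1.
perm_to_octal() {
    s=$1
    if [ "${#s}" -eq 10 ]; then s=${s#?}; fi     # drop the file-type character
    if [ "${#s}" -ne 9 ]; then
        echo "unsupported mode string: $1" >&2; return 1
    fi
    out=
    while [ -n "$s" ]; do
        rest=${s#???}; trip=${s%"$rest"}; s=$rest   # next user/group/other triplet
        d=0
        case $trip in r??) d=$((d + 4)) ;; -??) ;; *) return 1 ;; esac
        case $trip in ?w?) d=$((d + 2)) ;; ?-?) ;; *) return 1 ;; esac
        case $trip in ??x) d=$((d + 1)) ;; ??-) ;; *) return 1 ;; esac  # s/t not handled
        out=$out$d
    done
    printf '%s\n' "$out"
}

# Read the mode of a real file the same way a person reads ls -l output.
file_octal() {
    perm_to_octal "$(ls -ld -- "$1" | cut -c1-10)"
}

# Set permissions on a scratch file in octal, symbolic and incremental form,
# then read each result back from ls -l.
demo() {
    tmp=$(mktemp) || return 1
    chmod 765 "$tmp";                        a=$(file_octal "$tmp")
    chmod u=rwx,g=rw,o=rx "$tmp";            b=$(file_octal "$tmp")
    chmod 644 "$tmp"; chmod u+x,g+w "$tmp";  c=$(file_octal "$tmp")
    rm -f "$tmp"
    echo "octal=$a symbolic=$b incremental=$c"
}

demo
```

The first two results match because chmod 765 and chmod u=rwx,g=rw,o=rx describe the same bits; the third shows that u+x and g+w only add to the existing 644 and leave the other bits alone.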

Happy Exploring!
