Day 6 Task: File Permissions and Access Control Lists

Day 6 #90DayOfDevops

User Management in Linux:

In Linux, user management is an important aspect of system administration. It involves creating, modifying, and deleting user accounts, managing user groups, and setting permissions and access controls.

Here are some basic commands and techniques for managing user accounts in Linux:

  1. Adding a new user: To add a new user account, you can use the 'useradd' command followed by the username. For example, to add a new user named 'john', you can run the following command:

  2. To set a password for the new user account, you can use the 'passwd' command followed by the username. For example, to set a password for the 'john' account, you can run the following command:

  3. To delete a user account, you can use the 'userdel' command followed by the username. For example, to delete the 'john' account, you can run the following command:

  4. userdel: This command is another way to delete a user account. It has more options than deluser, but it is also more complex to use.

  5. id: This command is used to display the user ID and group ID for a user account. For example, to display the user ID and group ID for the user "Krishnaraj", you would run the command "id Krishnaraj".

File Permissions and Access Control Lists

  1. Create a simple file and do ls -ltr to see the details of the files:

    There are several ways to create a file in Linux, some of the most common methods are:

    1. Using the touch command: This is the simplest and quickest way to create a file. You can create an empty file with the touch command, as shown in the example above.

    2. Using a text editor: You can create a file using a text editor, such as nano, vim, or emacs. This allows you to create a file and add content to it at the same time. To create a file using nano, for example, you can type nano myfile.txt in the terminal.

    3. Using the echo command: You can also create a file using the echo command. For example, echo "Hello, World!" > myfile.txt creates a file named myfile.txt and writes the text "Hello, World!" to it.

    4. Using the cat command: The cat command can also be used to create a file. For example, cat > myfile.txt opens a new file named myfile.txt and allows you to type content into the file. Once you're done, press Ctrl + D to save the file.

    5. Using redirection: You can use redirection to create a file and write content to it in one command. For example, ls -l > filelist.txt creates a file named filelist.txt and writes the output of the ls -l command to it.

These are just a few examples of the ways to create a file in Linux. There are many other methods and tools available, depending on your needs and preferences.

We will create a file using touch command. Please find screen shot as below:

  1. "chown" is used to change the ownership permission of a file or directory.

    The chown command in Linux is used to change the ownership of a file or directory. The term "ownership" refers to the user and group assigned to a file or directory. The chown command is typically used by system administrators to change the ownership of files or directories from one user or group to another.

    The syntax for the chown command is as follows:

    chown [OPTIONS] USER[:GROUP] FILE

  2. Where:

    • USER is the username of the new owner

    • GROUP is the group name of the new owner (optional)

    • FILE is the file or directory whose ownership will be changed

Here are some common options used with the chown command:

  • -R: Recursively changes the ownership of all files and directories in the specified directory.

  • -v: Verbose mode; prints a message for each file that is processed.

  • -c: Like verbose mode, but only prints a message if a change was made.

  • -h: Changes the ownership of a symbolic link itself, rather than the file it points to.

  • Example:

  1. The chgrp command is a command-line utility in Linux and other Unix-like operating systems that is used to change the group ownership of a file or directory.

    The syntax of the chgrp command is as follows:

    chgrp [OPTIONS] GROUP FILE

    where GROUP is the name of the group to which the file or directory is to be changed, and FILE is the name of the file or directory to which the group ownership is to be changed.

    Some common options that can be used with the chgrp command include:

    • -R or --recursive: change the group ownership of the specified directory and its contents recursively.

    • -v or --verbose: display a message for each file or directory whose group ownership is changed.

    • -c or --changes: display a message only if the group ownership of a file or directory is changed.

    • For example, to change the group ownership of a file named example.txt to a group named developers, the following command can be used:

      chgrp developers example.txt

    • To change the group ownership of a directory and its contents recursively to a group named webmasters, the following command can be used:

      chgrp -R webmasters /var/www/html/

    • Note that the chgrp command requires root privileges to change the group ownership of files or directories that you don't own.

  2. Example:

  3. chmod" is used to change the other users permissions of a file or directory.

    As a task, change the user permissions of the file and note the changes after ls -ltr

    The chmod command is a command-line utility in Linux and other Unix-like operating systems that is used to change the permissions (i.e., read, write, execute) of a file or directory.

    The syntax of the chmod command is as follows:

    chmod [OPTIONS] MODE FILE

The chmod command is a command-line utility in Linux and other Unix-like operating systems that is used to change the permissions (i.e., read, write, execute) of a file or directory.

The syntax of the chmod command is as follows:

bashCopy codechmod [OPTIONS] MODE FILE

where MODE is the permission mode that is to be set, and FILE is the name of the file or directory to which the permission mode is to be applied.

The permission mode consists of three components: the owner permissions, the group permissions, and the other permissions. Each component can be represented by a three-digit octal number or a symbolic representation.

In the octal notation, each digit corresponds to a set of permissions: the first digit represents the owner permissions, the second digit represents the group permissions, and the third digit represents the other permissions. Each digit is calculated by adding up the values of the corresponding permissions: 4 for read, 2 for write, and 1 for execute. For example, the permission mode 755 means that the owner has read, write, and execute permissions, and the group and others have only read and execute permissions.

In the symbolic notation, the permission mode is represented by a combination of letters and symbols that indicate which permissions are being added, removed, or set to a specific value. The letters that are used are:

  • u for the owner permissions

  • g for the group permissions

  • o for the other permissions

  • a for all permissions (i.e., u, g, and o)

The symbols that are used are:

  • + to add permissions

  • - to remove permissions

  • = to set permissions to a specific value

For example, the following command sets the owner and group to have read and write permissions, and the others to have only read permissions on a file named example.txt:

chmod 664 example.txt

The following command grants execute permission to the owner and group, and removes write permission from others on a file named script.sh:

chmod ug+x,o-w script.sh

chmod ug+x,o-w script.sh

Note that the chmod command requires sufficient permissions to change the permissions of a file or directory. If you are not the owner of the file or directory, you need to have the appropriate privileges or be logged in as the root user.

7.Write an article about File Permissions based on your understanding from the notes.

File permissions are an essential aspect of file management in Unix-based systems such as Linux. In such systems, each file and directory is associated with a set of permissions that determines which users and processes can access them and how. Understanding file permissions is crucial for system administrators, developers, and anyone who works with files in a Linux environment.

In Linux, file permissions are divided into three categories: owner, group, and others. Each category has three permissions: read, write, and execute. The read permission allows a user to read the contents of the file, the write permission allows a user to modify the file, and the execute permission allows a user to execute the file as a program or script.

To view the permissions of a file or directory, use the ls -l command. The output of this command shows the file type, permissions, owner, group, size, and modification time of each file or directory. The permissions are represented by ten characters, where the first character indicates the file type, and the remaining nine characters indicate the permissions. The first three characters represent the owner permissions, the next three represent the group permissions, and the last three represent the other permissions.

The permissions can be set using the chmod command. The syntax of this command is chmod [OPTIONS] MODE FILE, where MODE is the permission mode that is to be set, and FILE is the name of the file or directory to which the permission mode is to be applied. The permission mode can be specified in either numeric or symbolic notation.

In the numeric notation, each permission is represented by a digit: 4 for read, 2 for write, and 1 for execute. To calculate the permission mode, add up the values of the corresponding permissions for each category. For example, the permission mode 755 means that the owner has read, write, and execute permissions, and the group and others have only read and execute permissions.

In the symbolic notation, the permission mode is represented by a combination of letters and symbols that indicate which permissions are being added, removed, or set to a specific value. The letters that are used are:

  • u for the owner permissions

  • g for the group permissions

  • o for the other permissions

  • a for all permissions (i.e., u, g, and o)

The symbols that are used are:

  • + to add permissions

  • - to remove permissions

  • = to set permissions to a specific value