Download presentation
Presentation is loading. Please wait.
Published byNoel Pope Modified over 9 years ago
1
File Permission and Access
2
Module 6 File Permission and Access ♦ Introduction Linux is a multi-user system where users can assign different access permission to their files. Access permissions can be set per file for owner, group and others on the basis of read (r), write (w) and execute permissions (x). ♦ Topics ► File Permissions and Access ► Types of Access ► Who has to Access to a File? ► Access Control Lists Contd…
3
File Permission and Access File Permissions and Access ♦ Every file is owned by a particular user. ♦ File permissions specifies who has the access to file and what type of access the user has. ♦ On a Linux system, there is typically more than one user that provides a mechanism known as file permissions (rwx), which protect user files from accessing by other users. ♦ Types of permissions ► r – read ► w –write ► x –execute Contd…
4
File Permission and Access File Permissions and Access ♦ read permission The read permission lets a user read the contents of the file. For directories, read permission lets the user list the contents of the directory (using ls). ♦ write permisison The write permission lets the user write and modify the file. For directories, write permission lets the user create new files or delete files within the directory. ♦ execute permission The execute permission lets the user run the file as a program or shell script (if the file is a program or shell script). For directories, execute permission lets the user open the directory.
5
File Permission and Access Types of Access ♦ In Linux, every file or folder has access permissions. There are three types of permissions. ► read access ► write access ► execute access ♦ Permissions are defined for three types of users: ► owner of the file ► group that the owner belongs to ► other users Contd…
6
File Permission and Access Types of Access ♦ Default file permissions By default, the Linux system assigns certain permissions to a newly created file. The maximum permissions that we can set for an ordinary file is 666 and for directories and an executable files is 777. ► The default file permission for an ordinary user is 664 and for root it is 644. ♦ Displaying the umask ► The default umask file permissions for ordinary users are 002 and for root it is 022. where, 002 imply masking write permission for others and 022 implies masking write permission for the group and others. Contd…
7
File Permission and Access ♦ Displaying the umask ► To display the default mask use the umask command. Example # umask ♦ Displaying the default umask value Types of Access Contd…
8
File Permission and Access ♦ Changing the umask ► To change the default umask use the command Syntax # umask Example: umask 004 Types of Access
9
File Permission and Access Access permission user(owner)group Who has to Access a File? ♦ The owner and the root have the main access rights over a file. ♦ Example ► First column gives the access permissions to the user, group and others. ► Second column shows the user or owner of the file. ► Third column shows the group to which the file belongs. Contd…
10
File Permission and Access ♦ Changing permissions ► chmod command ► chmod changes the access permissions according to the options for directories and files. Syntax # chmod o+w Who has to Access a File? Contd…
11
File Permission and Access Who has to Access a File? ♦ The chmod command can be used with alphanumeric or numeric options. ► Example of symbolic method ► chmod u+rw,g-rwx,o-rwx file1 The above example, adds the read and write permission to the user (owner) removes the read, write and execute permission from the group to which the file belongs and removes the read, write and execute permissions for others. ► Example of numeric method ► # chmod 600 file1 6 indicates user (owner), 0 indicates group and the last number 0 indicates others. Contd…
12
File Permission and Access Who has to Access a File? ♦ Changing ownership ► chown command chown changes the owner and group of the file and directory. ► Syntax # chown ► Example # chown user1 file1.txt Contd…
13
File Permission and Access ♦ Special File Permissions ► There are three types of special file permissions set user identity (SUID) set group identity (SGID) sticky bit Who has to Access a File? Contd…
14
File Permission and Access Who has to Access a File? Contd… ♦ SUID or setuid ► It is represented by the character ‘s’ in the user permission field. ► When this mode is set on an executable file, the other users can login and run the executable file. ► The root’s id is set to the process. Syntax #chmod u+s where, u – user s - suid
15
File Permission and Access Contd… ♦ SGID or setgid ► It is also represented by the character ‘s’ in the group permission field. ► The sgid permission for the user’s own directory is set by the user. ► When any other user creates a new file, the file gets the group membership to which the directory belongs to and not to the primary group of the user. Syntax chmod g+s where, g – group s – suid ♦ Example: $ chmod g+s test Who has to Access a File?
16
File Permission and Access Who has to Access a File? ♦ Sticky bit ► If the sticky bit is set on directory, even others can read and write the data to the file, but can not delete the file except the owner. Syntax #chmod o+t where, o – others t - sticky bit ♦ Example: # chmod o+t /tmp Contd…
17
File Permission and Access Access Control Lists (ACLs) ♦ ACL is an object associated with a file and contains entries specifying the access that individual users or groups of users have to the file. ♦ It provides a simple way of granting or denying access for a specified user or groups of users on single file at the same time. ♦ Using the chmod command the user can set permissions to owner, group or others. ♦ Using ACL, the owner can set the different permissions on a single file for different users. Contd…
18
File Permission and Access Contd… ♦ Setting ACL using Setfacl ► setfacl - set file access control lists ► Syntax setfacl – u: : Access Control Lists (ACLs)
19
File Permission and Access Access Control Lists (ACLs) Contd… ♦ Getting ACL using getfacl ► The getfacl displays the file name, owner, the group, and the Access Control List (ACL). ► Syntax # getfacl
20
File Permission and Access Contd… Access Control Lists (ACLs) ♦ Copying ACL ► The acl’s can be copied to any files, for which the files get the same acl permissions from its source file. ► Syntax getfacl | setfacl --set-file= - where, --set-file options set the acl of a file or a directory
21
File Permission and Access Lab Exercise ♦ Change the permission of the following file using chmod command. -rwx-rw-r-- file2.txt ♦ From the following example change the permissions to ► User – read, write, execute ► Group – read and execute ► Others - only execute
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.