Learn N Try

For all Lean Enthusiast

Permissions

Symbolic   Numeric
r Read 4
w Write 2
x Execute 1
No Permission 0

 

 

  • When root user create any directory then default permission à 755
  • When root user create any file then default permission à 644
  • When other user create any directory then default permission à 775
  • When other user create any file then default permission à 664
  • Umask for root user à 022
  • Umask for other user à 002
  • chown //change ownership
  • chmod //modify permission
  • chgrp //change group for file or directory
  • chmod -R rwX <dir> //it will set rwx permission to parent directory and all child directory

 

1.1    Special Permission

  • SUID à Set UID //set for user. Allow user to execute a file as owner
  • SGID à Set GID        //set for group

 

For SUID

  • chmod u+s <file or dir>
  • chmod 4755 <file or dir>

 

To Remove SUID

 

  • chmod u-s <file or dir>
  • chmod 0755 <file or dir>

 

 

To Set SGID

 

  • chmod g+s <file or dir>
  • chmod 2770 <file or dir>

 

To Remove SGID

 

  • chmod g-s <file or dir>
  • chmod 2770 <file or dir>

 

1.2    Sticky Bit

When set on a directory, users with write access to the directory can only delete files they own in the directory.

# chmod o+t <dir>                //to set sticky bit

# chmod o-t <dir>                 //to remove sticky bit

 

1.3    ACL (Access Control List)

  • To view ACL à getfacl
  • To set/modify/remove ACL à setfacl

 

  • setfacl -m u:redhat:rwx /linux
  • setfacl -m g:HR:— /linux
  • setfacl -m u:redhat:rwx, g:HR:— /linux
  • getfacl /linux

Default ACLs

  • setfacl -m d:u:mmsuper:r– /linux
  • setfacl -m d:g:IT:rw- /linux
  • getfacl /linux
  • To set default ACL first we need to set normal ACL for user and group.

Remove ACL

  • setfacl -x u:redhat /linux //only remove ACL of particular user or
  • setfacl -x d:u:IT /linux //group

 

  • setfacl -k /linux // to remove all default ACL

 

  • setfacl -b /linux // to remove all ACL