Permissions
Symbolic | Numeric | |
r | Read | 4 |
w | Write | 2 |
x | Execute | 1 |
– | No Permission | 0 |
- When root user create any directory then default permission à 755
- When root user create any file then default permission à 644
- When other user create any directory then default permission à 775
- When other user create any file then default permission à 664
- Umask for root user à 022
- Umask for other user à 002
- chown //change ownership
- chmod //modify permission
- chgrp //change group for file or directory
- chmod -R rwX <dir> //it will set rwx permission to parent directory and all child directory
1.1 Special Permission
- SUID à Set UID //set for user. Allow user to execute a file as owner
- SGID à Set GID //set for group
For SUID
- chmod u+s <file or dir>
- chmod 4755 <file or dir>
To Remove SUID
- chmod u-s <file or dir>
- chmod 0755 <file or dir>
To Set SGID
- chmod g+s <file or dir>
- chmod 2770 <file or dir>
To Remove SGID
- chmod g-s <file or dir>
- chmod 2770 <file or dir>
1.2 Sticky Bit
When set on a directory, users with write access to the directory can only delete files they own in the directory.
# chmod o+t <dir> //to set sticky bit
# chmod o-t <dir> //to remove sticky bit
1.3 ACL (Access Control List)
- To view ACL à getfacl
- To set/modify/remove ACL à setfacl
- setfacl -m u:redhat:rwx /linux
- setfacl -m g:HR:— /linux
- setfacl -m u:redhat:rwx, g:HR:— /linux
- getfacl /linux
Default ACLs
- setfacl -m d:u:mmsuper:r– /linux
- setfacl -m d:g:IT:rw- /linux
- getfacl /linux
- To set default ACL first we need to set normal ACL for user and group.
Remove ACL
- setfacl -x u:redhat /linux //only remove ACL of particular user or
- setfacl -x d:u:IT /linux //group
- setfacl -k /linux // to remove all default ACL
- setfacl -b /linux // to remove all ACL