access Command in Linux

Introduction

In this lab, delve into the critical aspects of file permissions and ownership management on a Linux system. This tutorial covers three fundamental topics crucial for any aspiring systemadmin: grasping the intricacies of file permissions, mastering the chmod command for permission modification, and utilizing the chown command to alter file ownership. These skills are not just useful; they are absolutely essential for effectively controlling access to files and directories within a Linux environment. This lab provides hands-on examples and detailed, step-by-step instructions to empower you with proficiency in these foundational Linux utilities, ensuring your ability to maintain a secure and well-managed system.

Understanding File Permissions in Linux

This step will introduce you to the core concepts of file permissions in Linux, guiding you on how to view and interpret these permissions effectively.

Within Linux, each file and directory is governed by a set of permissions defining who can read, write, and execute it. These permissions are categorized into three distinct groups: the owner, the group, and others (users who are neither the owner nor members of the file's group).

To inspect the permissions of a file or directory, the ls -l command is your go-to tool. It presents the file permissions in a format similar to this:

-rw-r--r-- 1 labex labex 0 Apr 12 12:34 example.txt

The initial character signifies the file type (e.g., - for a regular file, d for a directory, l for a symbolic link). The subsequent nine characters delineate the permissions: the first three for the owner, the next three for the group, and the final three for others.

Permissions are denoted by the letters r (read), w (write), and x (execute). A dash (-) indicates that a specific permission is not granted.

Taking the above output as an example:

• The owner (labex) possesses both read and write permissions (rw-).
• The group (labex) is granted read permissions (r--).
• Other users have read permissions (r--).

The stat command offers a more comprehensive view of a file, including its permissions and other metadata:

$ stat example.txt
  File: example.txt
  Size: 0         	Blocks: 0          IO Block: 4096   regular empty file
Device: 801h/2049d	Inode: 131074      Links: 1
Access: (0644/-rw-r--r--)  Uid: (1000/labex)   Gid: (1000/labex)
Access: 2023-04-12 12:34:56.123456789 +0000
Modify: 2023-04-12 12:34:56.123456789 +0000
Change: 2023-04-12 12:34:56.123456789 +0000
 Birth: -

This output presents richer details about the file, including access, modification, and change timestamps, along with user and group ownership information.

A solid understanding of file permissions is paramount for effective access control on a Linux system.

Modifying File Permissions with the chmod Command

This step demonstrates the use of the chmod command to modify file and directory permissions in Linux.

The chmod command empowers you to alter read, write, and execute permissions for the owner, group, and others. The fundamental syntax of the chmod command is:

chmod [options] mode file

Where mode represents the desired permission setting.

Permissions can be set using either symbolic or numeric mode. Symbolic mode employs letters to denote permissions:

• u signifies the owner
• g signifies the group
• o signifies others
• a signifies all (owner, group, and others)
• r signifies read
• w signifies write
• x signifies execute

For instance, to grant the owner read and write permissions, the group read permissions, and deny permissions to others, the following command would be used:

chmod u=rw,g=r,o= example.txt

Numeric mode utilizes a three-digit number to express permissions:

• The first digit corresponds to the owner's permissions
• The second digit corresponds to the group's permissions
• The third digit corresponds to the permissions for others

Each digit is derived by summing the following values:

• 4 represents read
• 2 represents write
• 1 represents execute

For example, to set permissions to rw-r--r--, the following command would be employed:

chmod 644 example.txt

Experiment with modifying the permissions of the example.txt file using both symbolic and numeric modes:

## Symbolic mode
chmod u=rw,g=r,o=r example.txt
## Numeric mode
chmod 644 example.txt

Example output:

-rw-r--r-- 1 labex labex 0 Apr 12 12:34 example.txt

Consequently, the example.txt file now has the following permissions:

• The owner (labex) has read and write permissions (rw-)
• The group (labex) has read permissions (r--)
• Others have read permissions (r--)

Mastering the chmod command is crucial for managing file and directory access control within a Linux system, contributing significantly to system security and stability for any systemadmin.

Changing File Ownership with the chown Command

This step guides you through using the chown command to modify the ownership of files and directories in Linux.

Upon creation, a file or directory is automatically owned by the user who created it. The chown command facilitates changing the owner and/or group associated with a file or directory, a task frequently performed by a systemadmin.

The basic syntax for the chown command is:

chown [options] owner[:group] file

Where owner is the new owner's username, and group is the new group's name.

For example, to change the owner of example.txt to the labex user, use:

sudo chown labex example.txt

To change both the owner and group, use:

sudo chown labex:labex example.txt

The recursive option -R allows you to modify the ownership of a directory and all its enclosed content:

sudo chown -R labex:labex ~/project

This will change the ownership of the ~/project directory and all its files and subdirectories to the labex user and group. This is especially useful when managing larger directory structures as a systemadmin.

Let's practice changing the ownership of the example.txt file:

## Change the owner to labex
sudo chown labex example.txt

## Change the owner and group to labex
sudo chown labex:labex example.txt

Example output:

-rw-r--r-- 1 labex labex 0 Apr 12 12:34 example.txt

The example.txt file is now owned by the labex user and group.

Proficiency with the chown command is essential for managing file and directory ownership within a Linux system. As a systemadmin, you'll find this to be a core skill in user management and system security.

Summary

This lab provided a comprehensive overview of fundamental file permissions in Linux, demonstrating how to view and interpret them. You learned that files and directories are governed by permissions that dictate access rights (read, write, execute) for the owner, group, and others. Furthermore, you gained hands-on experience using the ls -l and stat commands to examine file and directory permissions. You now understand that grasping file permissions is crucial for effective access control within any Linux system, a cornerstone of Linux systemadmin best practices. You're one step closer to becoming a proficient systemadmin!

Tác giả

Tôi là một chuyên gia System Administrator (SysAdmin) & DevOps Engineer với hơn 10 năm kinh nghiệm trong lĩnh vực quản trị hệ thống, bảo mật mạng, và tối ưu hạ tầng Cloud. Tôi đã từng làm việc tại các tập đoàn công nghệ lớn và tham gia triển khai nhiều hệ thống High Availability (HA), Load Balancing, Database, container và CI/CD giúp doanh nghiệp hoạt động ổn định với hiệu suất cao. Bài này tôi viết với thời gian đọc khoảng 6 phút. I also wrote a Vietnamese version.