How to Set Permissions for Users to Access Files and Folders in Linux

We independently review everything we recommend. When you buy through our links, we may earn a commission.

Users-Access Files-Folders-Linux

Linux presents a challenge when it comes to the management of permissions for files and folders. Getting a better understanding of how everything operates should make things easier.

Because of the way Linux systems are designed, there are several security-related limits and permission settings that may be applied to files and folders. The “root” user is the only one who has access to all of these rights.

Therefore, if we are root users when we are utilizing the system, the warning that is displayed before us will not be a restriction mechanism, and the adjustments that we will do may in certain instances cause significant issues with the system. Because of this, it is essential for every Linux user to have a solid understanding of how user authorizations work in Linux.

Actions Users Can Take Regarding Files and Directories

Every user has the ability to take action within the parameters of the authorizations that have been granted to them. Users have three different options for interacting with files and directories at their disposal.

  • read(r): It is necessary to have access to both the folder list and the contents of the files.
  • write(w): It has to do with making alterations to the folder or the file.
  • execute(x): It is necessary to either be able to run the file that is the target or access the folder.

It’s possible that you’ve heard of these three permissions previously if you’re familiar with the chmod tool and the file permissions used in Linux.

To find out what permissions your current file has, enter the ls -l command into your terminal.

File permissions are indicated by the sections of the string that look like drwxr-xr-x and -rw-r—r— respectively. When it comes to certain phrases, the presence of the letter d at the beginning of the expression denotes that the expression is a directory. If we explain each of the remaining components independently, the portions that are separated by the minus sign will reflect the user group that has access to that permission.

Divide them up into three groups, leaving out the letter d, and this will help you comprehend them better.

rwxr-xr-x = rwx r-x r-x

rw-r–r– = rw- r– r–

The first group of letters describes the permissions of the file’s owner, the second group of letters describes the permissions of the group, and the last group of letters describes the permissions of other users.


As a result, the following permissions may be seen in the aforementioned files:

  • r: read privilege
  • w: write privilege
  • x: execute privilege
  • rwx: The reader, writer, and executor privileges are reserved for the file’s owner.
  • r-x: Other users are able to read and execute commands, but they cannot write.

Changing Permissions With chmod

The access privilege can only be modified by root, the user with the highest level of permissions. Using the chmod command, you can quickly make this modification to the file permissions.

The following is an explanation of the arguments and meanings of the chmod command.

  • u: Owner of the file or directory
  • g: Users who are members of the same group as the proprietor of the file or directory
  • o: Other users
  • a: Open to all
  • =: Authorization synchronization
  • +: Add authorization
  • : Deletion of authorization

You should now be able to think about an example operation now that you have learned what the meanings of the parameters are. To accomplish this, first make a sample directory, and then follow the instructions below in the correct order.

You may examine the permissions of the files included in the folder that you created by executing the ls -l command. While you are doing this, keep in mind that the following describes the permission structure of your files.

ls -l
total 4
———- 1 root root 0 Apr 25 16:20 example.txt
———- 1 root root 0 Apr 25 16:21 ex_File
d——— 2 root root 4096 Apr 25 16:21 ex_Folder
———- 1 root root 0 Apr 25 16:20 ex_Text

After this, use the character * to access all of the files in the folder, and then use the chmod +w * command to make write(w) a public permission.

chmod +w *

ls -l
total 4
–w-r-x— 1 root root 0 Apr 25 16:20 example.txt
–w-r-x— 1 root root 0 Apr 25 16:21 ex_File
d-w-r-x— 2 root root 4096 Apr 25 16:21 ex_Folder
–w-r-x— 1 root root 0 Apr 25 16:20 ex_Text

Now, make an effort to provide read-write-execute permission (rwx) to users who are members of the group (g), write permission (w) to users (u), and only execute permission (x) to other users.

chmod g+rwx,u+w,o+x *

ls -l
total 4
–w-rwx–x 1 root root 0 Apr 25 16:20 example.txt
–w-rwx–x 1 root root 0 Apr 25 16:21 ex_File
d-w-rwx–x 2 root root 4096 Apr 25 16:21 ex_Folder
–w-rwx–x 1 root root 0 Apr 25 16:20 ex_Text

Now, make an effort to provide read-write-execute permission (rwx) to users who are members of the group (g), write permission (w) to users (u), and only execute permission (x) to other users.

chmod a-rwx *

ls -l
total 4
———- 1 root root 0 Apr 25 16:20 example.txt
———- 1 root root 0 Apr 25 16:21 ex_File
d——— 2 root root 4096 Apr 25 16:21 ex_Folder
———- 1 root root 0 Apr 25 16:20 ex_Text

In addition to these applications, authorization processes may also be stated in numerical terms, many of which you have most likely encountered previously and utilized without even realizing it.

Numbers Are Defined for Each Authorization

Owner of the FileUsers in the Same Group as the Owner of the FileOther Users
r444
w222
x111

Consider the following scenario: you want to ensure that only the file’s owner has access to all of its permissions. In order to accomplish this, you will need need to assemble the numerical equivalents of the authorisation patterns. In other words, given that you would grant all of the permissions, the total number is 7, which is equal to r plus w plus x.

You only want to provide this access to the person who owns the file you’re working on. In order to accomplish this, you will need to make a few adjustments to the chmod rwx- ——- command that you would typically use. If you execute a command such as chmod 700 file, then only the person who owns the file will have access to all of the file’s permissions.

Consider one more illustration to help you get a better grasp on the concept. Imagine that the person who owns the file has complete control over its permissions, that members of the public group have the ability to write to the file, and that other users can only read it.

The equation r(4)+w(2)+x(1)=7 can be used to determine whether or not all rights should be granted to the owner of the file.

The number 2, which is the numeric equivalent of the write(w) character, will be used for the write authorization that you provide for the users who are members of the same common group as the owner of the file. The number 4, which is the numeric equivalent of the read(r) character, will be used for the read authorisation that you will offer to other users.

The result makes it clear that the numerical counterparts must have carried out the authorisation you want in order for the output to make sense.

Make Your Authorization Settings Valid in Subdirectories With – R

In addition, you need to use the -R argument of your command in order for the rights you provide to take effect not just on the directory in question but also on any subfolders it may contain.

For instance, in your location you should show the permissions associated with the folder called “ex Folder.” An output will be generated as a consequence indicating that no entitlements were discovered.

ls -l
total 4
———- 1 root root 0 Apr 25 16:20 example.txt
-rwx-w-r– 1 root root 0 Apr 25 16:21 ex_File
d——— 2 root root 4096 Apr 25 16:21 ex_Folder
———- 1 root root 0 Apr 25 16:20 ex_Text

The next step is to enter the folder that is labeled “ex Folder.”

After that, return to the directory that you came from. Utilize the -R argument and compose a command such as chmod -R 422 ex Folder in order to ensure that the access rights that are being applied are appropriate for all subfiles.

As a consequence of this, all of the files, including all of the files, directories, and subfolders, have been allowed in a manner that is consistent with the 422 declaration.

The Most Effective Approach to Recovering Deleted Files by Mistake chattr

For whatever reason, if there are some files that you deem vital, you have the ability to safeguard them and prevent them from being erased inadvertently. The chattr command is the one that enables this protection chance to be taken advantage of. The chattr command has two purposes: first, it safeguards the file from accidental deletion, and second, it prevents the file from being edited in any way.

You may use your lsattr command to list such files.

Using the chattr I main.cpp command, you may make an effort to secure the main.cpp file that is displayed above.

As can be seen in the output, the permissions section contains a sentence with the notation -i. This declaration indicates that the file can no longer be modified and should be treated as read-only. You may test this theory by erasing this file using a command such as rm -rf main.cpp. This should provide the desired result.

rm -rf main.cpp
rm: cannot remove ‘main.cpp’: Operation not permitted

Simply using the chattr -i main.cpp command will allow you to undo this action and return the file to its previous state, which is an editable state.

Access Privileges Are Important for File System Security

Access authorization is the fundamental component that supports the security of Linux file systems. The ability to handle the system in a much more relaxed manner is made possible by the fact that access rights may be assigned to individual files independently.

Access privileges assigned on a per-user basis are sometimes more significant than those assigned globally. As a result, you might find it helpful to approach the projects and files located on your system while being aware of the permission techniques discussed in this article.

Alex
We will be happy to hear your thoughts

Leave a reply

TopBestProductReview
Logo