Kanav GatheDay 6: File Permissions and Access Control Lists ๐
Hello DevOps enthusiasts! ๐ Welcome to Day 6 of the #90DaysOfDevOps challenge. Today, we're exploring file permissions and Access Control Lists (ACL) in Linux.
Task Solutions ๐ป
1. Basic File Permissions
# Create and check file
touch test_file.txt
ls -ltr test_file.txt
# Change permissions (owner only)
chmod 700 test_file.txt
# OR
chmod u+rwx,go-rwx test_file.txt
# Verify changes
ls -ltr test_file.txt
2. Permission Management Script
#!/bin/bash
# Change permissions for multiple files
change_permissions() {
for file in "$@"
do
chmod 644 "$file"
echo "Changed permissions for $file"
done
}
3. ACL Implementation
# Create test directory
mkdir acl_test
cd acl_test
# Set ACL for user
setfacl -m u:user1:rx file1.txt
# Set ACL for group
setfacl -m g:group1:rw file1.txt
# View ACL
getfacl file1.txt
4. ACL Permission Script
#!/bin/bash
set_acl_permissions() {
local file=$1
local user=$2
setfacl -m u:$user:rw "$file"
echo "Set ACL for $user on $file"
}
5. Special Permissions
# Sticky Bit
chmod +t /shared_directory
# SUID
chmod u+s /usr/bin/script
# SGID
chmod g+s /shared_directory
6. Permission Backup
#!/bin/bash
# Backup permissions
getfacl -R /path/to/directory > permissions.acl
# Restore permissions
setfacl --restore=permissions.acl
Permission Types Explained ๐
-
Basic Permissions
- Read (r): 4
- Write (w): 2
- Execute (x): 1
-
Special Permissions
- SUID (4000)
- SGID (2000)
- Sticky Bit (1000)
-
ACL Features
- User-specific permissions
- Group-specific permissions
- Default permissions
- Inherited permissions
Key Takeaways ๐ก
- File permissions are crucial for security
- ACLs provide granular access control
- Special permissions serve specific purposes
- Regular permission backups are important
Linux #DevOps #Security #90DaysOfDevOps
This is Day 6 of my #90DaysOfDevOps journey. Keep securing and learning!
