IT & IoT Security | Cloud | It's all about the life itself

Nothing in life is as important as you think it is, while you are thinking about it.

Linux – Granting permissions

Hello all,

In this blog, I am going to review file and folder permissions which are assigned to user , group and other objects.The very fundamental parameters that are needed to be considered when assigning permissions are User,Group,Others,Read,Write,Execute. In shortly, we can use ugo for user,group,others and rwx for read,write and execute. The table shown below is sufficient to express permissions in octal mode.

Screen Shot 2016-05-24 at 09.26.02

chmod command is used to assign permissions and chown is used to change ownership of files and folders. Let’s review them.

Screen Shot 2016-05-24 at 09.29.02

We have three folders that all of of them are owned by root. Let’s change the ownership of the B2BFolder folder.

Screen Shot 2016-05-24 at 09.32.30

By running the command shown above, EnterpriseSales group becomes the owner of the folder.

Let’s continue on another example.

Screen Shot 2016-05-24 at 09.37.18

Screen Shot 2016-05-24 at 09.55.56

I have logged in as baris.aydogmusoglu and tried to create a file under the /All_Shares/B2BFolder/ path and got an error message “Permission Denied”. Let’s analyse why I got this error message.

drwxr-xr-x.  2 root EnterpriseSales    6 May 24 09:14 B2BFolder

drwxr-xr-x This permission means the object is a folder (d) , root(owner) user has read,write,execute(rwx) permissions on it, group(Owner,EnterpriseSales) has read and execute permission(r-x) on it, others has read and execute permission(r-x) on it. So, baris.aydogmusoglu user is neither the owner of the file nor the member of group EnterpriseSales. Then, the user is considered as Others and others has no write permission on the folder. That’s is the reason why baris.aydogmusoglu user gets “permission denied” error message.

I will give group write permission on the folder and add baris.aydogmusoglu user account to the EnterpriseSales group. So baris.aydogmusoglu will have write permission on folder as it’ll have become a member the EnterpriseSales group.

Screen Shot 2016-05-24 at 10.04.03

Screen Shot 2016-05-24 at 10.05.42

I re-log as baris.aydogmusoglu and try to create a file.

Screen Shot 2016-05-24 at 10.07.25

According to the result shown above, the user is able to create a file under the B2BFolder folder.

Let’s review one more example.

Screen Shot 2016-05-24 at 10.29.07

Despite being the owner, baris.aydogmusoglu user who executed the script got a error message. The reason why the user gets the error message is that the user account does not have execute permission on the file. After assigning execute permission, we will be able to get the result shown below.

Screen Shot 2016-05-24 at 10.41.57

Screen Shot 2016-05-24 at 10.39.43

To conclude up, we reviewed granting user,group,other object file and folder permissions. If you have any comment feel free to use comment section.

I wish you have a great day.