#90 days of DevOps challenge - Task (6 $ 7)
File Permissions and Access Control Lists
I am passionate about learning new skills . Currently quenching my thirst for knowledge by learning DevOps methodology.
The three different categories of users who need file permissions are:
Owners: The owner is the person or entity that creates the file or directory. As the owner, they have the most control over the file or directory, including the ability to change permissions, modify content, or delete the file.
Group Members: Group members are users who are part of a specific group that has been granted access to the file or directory. Group permissions allow multiple users to have the same level of access to the file or directory, without having to individually grant permissions to each user.
Others: Others refer to all other users who are not the owner or group members. This category includes all users who do not belong to a specific group or have been explicitly granted access to the file or directory. Others usually have limited permissions or no access at all, depending on the permissions set by the owner or group members.
chown command
The chown command in Linux is used to change the ownership of a file or directory. Here's a real-world example of how the chown command could be used:
In this example, the "-R" option is used to recursively change ownership of all files and directories within the /home/ubuntu/Directories/ directory.
The "sudo" command is used to execute the chown command with root privileges, which is necessary to change the ownership of system files.
After executing this command, the ownership of the/home/ubuntu/Directories/ folder and all of its contents would be changed to the "popatlal" user, allowing them to manage the website files.
chgrp command
The chgrp command in a Unix-based operating system is used to change the group ownership of a file or directory. The word "chgrp" stands for "change group".
The syntax for the chgrp command is as follows:
chgrp [options] {group} {file(s)}
chmod command
In Linux, the chmod command is used to change the permissions of a file or directory. The word "chmod" stands for "change mode". There are three ways to use the chmod command:
- Symbolic mode:
The symbolic mode allows you to add or remove permissions from a file or directory using symbols. The basic symbols used are + to add permissions, - to remove permissions, and = to set permissions explicitly.
For example, to give the user read and write permissions and remove execute permissions from a file named "example.txt", you can use the following command:
$ chmod u+rw-x example.txt
In this command, u stands for "user", + adds permissions, rw stands for "read" and "write", - removes execute permissions, and x stands for "execute".
- Absolute mode:
The absolute mode allows you to set permissions explicitly using numbers. Each permission has a numeric value assigned to it. The values are:
4 for read permission
2 for write permission
1 for execute permission
$ chmod 755 example.txt
In this command, the first digit (7) sets permissions for the owner, the second digit (5) sets permissions for the group, and the third digit (5) sets permissions for others.
File Permissions
Access Control Lists
We use ACL (Access Control List) commands in Linux to manage file and directory permissions with more flexibility than traditional Unix file permissions. ACL allows us to set permissions for specific users and groups, in addition to the owner and group assigned to a file or directory.
In traditional Unix file permissions, we have three types of users: the owner, the group, and others. We can set permissions for each of these users using a combination of read, write, and execute permissions. However, this system has limitations when it comes to managing access control for large groups of users or complex directory structures.
With ACLs, we can add additional users and groups to the access control list for a file or directory, and set specific permissions for each of them. This allows for more granular control over who has access to specific files or directories. For example, we can grant read and write access to a specific user, even if they are not the owner or in the group assigned to the file or directory.
The ACL commands in Linux include getfacl, setfacl, and chacl. The getfacl command displays the current ACL for a file or directory, setfacl adds or modifies the ACL for a file or directory, and chacl changes the ownership or group of a file or directory.
Overall, ACL commands provide more flexibility and control over file and directory permissions in Linux, making it easier to manage access control for large groups of users or complex directory structures.
Difference between systemctl status docker vs service docker status
Both systemctl status docker and service docker status are commands used to check the status of the Docker service on a Linux system, but they differ in their implementation and usage.
systemctl is a command used to control and manage systemd services, which is a system and service manager for Linux operating systems. systemctl status docker is used to display the status of the Docker service as managed by systemd.
On the other hand, service is a command used to start, stop, and manage services in traditional System V init systems. service docker status is used to display the status of the Docker service as managed by the System V init system.
So, the main difference between systemctl status docker and service docker status is the underlying system service management tool used to manage the Docker service. If your Linux distribution uses systemd as the default service manager, you should use systemctl. If your distribution uses System V init, you should use service.
It's also worth noting that systemd has replaced System V init as the default service manager in many modern Linux distributions. However, some older distributions and specialized environments may still use System V init.
