Give access to user linux

How can I give write-access of a folder to all users in linux?

I installed apache2 on Ubuntu just now, and noticed that the /var/www folder is protected. I can just sudo everything but I would rather just give it write access. How can I do this? I tried sudo chmod 7777 /var/www but it didn’t work.

Is this a publicly accessible server, or does it have no direct connection to the internet? If the former it is important that you consider security decisions — servers on the internet are constantly under attack (have a look in your /var/log/messages or equivalent).

8 Answers 8

To best share with multiple users who should be able to write in /var/www , it should be assigned a common group. For example the default group for web content on Ubuntu and Debian is www-data . Make sure all the users who need write access to /var/www are in this group.

Then set the correct permissions on /var/www.

sudo chgrp -R www-data /var/www sudo chmod -R g+w /var/www 

Additionally, you should make the directory and all directories below it «set GID», so that all new files and directories created under /var/www are owned by the www-data group.

sudo find /var/www -type d -exec chmod 2775 <> \; 

Find all files in /var/www and add read and write permission for owner and group:

sudo find /var/www -type f -exec chmod ug+rw <> \; 

You might have to log out and log back in to be able to make changes if you’re editing permission for your own account.

That is how you give access to it. It’s quicker to copy and paste the commands than try to navigate through a GUI file manager’s dialogs to do the same thing. Long term it helps you if you read the manual pages for chmod and chgrp, at least («man chmod»).

+1 for guid to force apache permissions. works well with umask of 027. If something needs writes access, it’s as easy as chmod g+w dir/

There’s a simpler way to do this, try doing this command.

Essentially, the chmod command alters permissions and the -R switch affects all users. Then it is simply giving the correct permissions to use.

You can also replicate what jtimberman suggested using access control lists. The setfacl command accepts -s to replace an existing ACL or -m to modify it; -R to make directory ACLs recursive; and -d to make the specified settings the default, which is useful if you’re anticipating forthcoming user accounts.

These just set the permissions as you would for the user, group, other, and mask using chmod:

setfacl -m u::rwx, g::r-x, o::---, m:rwx DIRECTORY 

And this could be how you’d do it for a specified user or his/her group:

setfacl -m u:USERNAME:rwx, g:USERNAME:r-x DIRECTORY 

And of course, the strength is that you can designate any specific user, multiple users, etc., all without having to modify your group settings. And unlike chmod, if you want some groupies to have access to one directory and other groupies to have access only to another, it’s actually possible with setfacl. Finally, to view a directory’s ACLs, run getfacl:

Читайте также:  Linux chmod all folders

And you can specify -R to see the ACLs for subdirectories or -d to see the defaults.

Источник

How I Give a User Permission to a Folder in Linux

Privacy is an essential part of someone’s life, whether social media or the workplace. It helps protect the personal and professional data that we don’t want to share with everybody. Sometimes, people work on sensitive data that couldn’t be shared inside or outside the firm.

Similarly, when multiple users are connected with the system, they may need some private access to the specific resources. If we talk about files or folders/directories permission, it means you allow them to read, write, or modify the files or directories. It is essential to revert the ownership of files/folders from the users who are not part of your current account but can own them.

It is assumed as challenging for a Linux user to access permission to a file or folder because they are a bit aware of it. Setting the permission to the specific folder is quite simple and can be done via command-line or GUI (we will later discuss how we can do it).

There are two levels in the Linux system for authorization that you must need to understand:

Let’s explain both of them to understand what categories they are further divided into:

Ownership:

If we talk about ownership of files or folders in the Linux operating system, they are split into 3 types:

The user-created the folder, and that’s why sometimes we claimed it as an owner. It is represented as “u” in the command line when giving access through commands.

A group contains several Linux users connected to a system having the same permission access. It is helpful when many users use the system and give them folder permission to access it. You can make a group to add all of them instead of allowing them individually. In this case, people other than the group couldn’t be able to access the folder. The representative form of group members in the Linux command-line is “g.”

The other category includes public users that are not part of group members or ownership. If you are permitting the others, we can say you are allowing everybody in the world to access the files/folders. Sometimes, it could be dangerous, so think twice before doing it. The public users are represented by “o”:

Permission:

There are 3 types of permission you can give to the owners we have mentioned below:

In the read (r) mode, a user can open a file/folder and read it, whereas the write (w) mode allows making changes in the file/folder. You have the authority to add content, remove or rename it.

Without executing (x) permission, you can only read and write to the file, but you can’t run it. To make the file executable, set the execute permission.

How to give the user permission to a folder in Linux:

You can give permission access to the user using a couple of approaches, via terminal and GUI.

Before directly jumping into it, note the specific commands to change permission and ownership.

  • chmod command is used to modify permission
  • chown command is used to modify ownership
Читайте также:  Android и linux софт

How to give the user permission to a folder via command-line:

You can set permissions like read, write, or execute the folder through the “chmod” command in a terminal.

You can use the “chmod” command to modify permission settings in two different ways:

The difference between Absolute mode and symbolic mode is that in the Absolute mode, you can set permissions for all the owners (user, group, others) using the three-digit octal number instead of characters. Whereas in the symbolic mode, you can set permission through mathematical symbols and only for the specific owner.

Let’s demonstrate both of them:

Give user access to a folder through absolute mode:

To understand how we can give permission access to a folder through absolute mode, we need to understand the given table in which numbers are mentioned for all the permission types.

Numbers Permission Types Symbols for Permission
0 No Permission
1 Execute –x
2 Write -w-
3 Execute + Write -wx
4 Read r–
5 Read + Execute r-x
6 Read + Write rw-
7 Read + Write + Execute Rwx

Let’s run an example to check how it is working:

To display the current permission settings of the folder “Testing_folder,” run the following command:

  • First rw– represents🡪 a user (owner) who can read or write/edit the file but couldn’t be able to execute it since execute mode is set to “-.”
  • The second rw– represents 🡪 a group (all the users added to the group) that can read or write/edit the file.
  • The third r— represents 🡪 others (public) who can only read the file

Now execute the chmod command to change permission access:

(760 🡪 owners can read, write or execute the file, the group can read and write, and there is no access for the public users)

Run the “ls” command to check the modification:

Give user access to a folder through symbolic mode:

Three operators are used in symbolic mode to set permission:

Operator Function
+ Add permission
Remove permission
= Set the permission and override the previous permission settings

As we have mentioned in the introductory part that how to represents owners. So, let’s start with an example:

Check the current permission setting of “Testing_folder” using the mentioned “ls” command:

To set permission to the user (owner), the command would be:

Now, execute the “ls” command to get the output:

To remove read permission from the user, run the command:

Now, execute the “ls” command to get results:

How to give a user permission to a folder via GUI:

Changing the file permission using the GUI is the simplest approach. Follow the listed steps:

Open the home directory, and navigate towards the targeted folder.

For example, to change the permission access to a folder “testing,” firstly, select it:

Right-click on the “testing” folder and select “Properties”:

The “Properties” window will appear with 3 tabs:

Navigate to the “Permissions” tab and select it:

From this tab, you can make changes according to the requirement.

Click on the “Change Permission for Enclosed Files,” and you will get a window that allows the user to modify the permission mode, i-e read and write mode for the owners:

Читайте также:  Где хранятся папки пользователей linux

Suppose the current permissions status of the “testing” folder is given below:

Let’s open the “change permissions” window and modify the entries as:

Navigate to the “change” button and click it.

Now, confirm using the “ls” command again in the terminal if changes have been made successfully.

Conclusion:

Set permission access to the files or folders is compulsory nowadays for security reasons because someone who is no longer a part of your system may also have folder access. To get control the security issues and keep the files safe, you can set permissions.

There are three categories of ownership i-e user, group, and others. And also, we have 3 types for permission settings such as read, write and execute.

You can give a user permission to the folder in two ways; via command-line and GUI. The GUI approach is better, in my opinion, as it is a pretty straightforward and simple way to set permissions.

About the author

Syeda Wardah Batool

I am a Software Engineer Graduate and Self Motivated Linux writer. I also love to read latest Linux books. Moreover, in my free time, i love to read books on Personal development.

Источник

How to give a Linux user sudo access? [closed]

If you like to reopen the question you should provide additional details that qualify it as a valid according the rules in the help center.

3 Answers 3

You need run visudo and in the editor that it opens write:

That line grants all permissions to user igor .

If you want permit to run only some commands, you need to list them in the line:

igor ALL=(ALL) /bin/kill, /bin/ps 

What would be the reason if one carried out the above, but the user (in this case igor ) still did not have full sudo access (ie. can issue sudo ls but not sudo mount -a )?

@puk it depends on the commands that you listed in /etc/sudoers; when you wrote ALL , user can run all commands

This answer will do what you need, although usually you don’t add specific usernames to sudoers . Instead, you have a group of sudoers and just add your user to that group when needed. This way you don’t need to use visudo more than once when giving sudo permission to users.

If you’re on Ubuntu, the group is most probably already set up and called admin :

$ sudo cat /etc/sudoers # # This file MUST be edited with the 'visudo' command as root. # 
# Members of the admin group may gain root privileges %admin ALL=(ALL) ALL # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL # See sudoers(5) for more information on "#include" directives: #includedir /etc/sudoers.d 

On other distributions, like Arch and some others, it’s usually called wheel and you may need to set it up: Arch Wiki

To give users in the wheel group full root privileges when they precede a command with «sudo», uncomment the following line: %wheel ALL=(ALL) ALL

Also note that on most systems visudo will read the EDITOR environment variable or default to using vi . So you can try to do EDITOR=vim visudo to use vim as the editor.

To add a user to the group you should run (as root):

# usermod -a -G groupname username 

where groupname is your group (say, admin or wheel ) and username is the username (say, john ).

Источник

Оцените статью
Adblock
detector