Grant access directory linux

Allowing a group Read-Write Access to a directory

I have two users, user1 and user2, that are both members of groupA. user2 has a folder in their home directory called folderA. If they wish to allow read-write-execute permissions for all members of groupA, how would they do this? What if folderA contains many files and additional folders that also need to have read-write-execute permission? Information regarding groups is a little ‘spotty’ across the web, so I am putting my question here in the hope someone posts a clear answer that might help others out too. Thanks!

2 Answers 2

FolderA will first need to be part of groupA — the folder’s owner or root can perform this operation

Then groupA will need rwx permissions of the folder

There are options in the chgrp and chmod commands to recurse into the directory if required.

I originally tried chown :groupname ./folder and that didnt work — as in it changed the group, but didn’t give any effective permissions

didn’t worked for me also. Folder somehow can not give write permissions to a group. Whatever I have tried.

@pbhj That has not been my experience, although I will admit to not having great depth of experience. I do need to logout/in if I have altered the user or group — the login does not pickup altered permissions until the next login. But altered file and directory permissions work immediately for me.

My own experience in this area here. Tested on Ubuntu 18.04.

Allow to write in the system folder

Give write permission to /etc/nginx/ folder.

# Check 'webmasters' group doen't exist cat /etc/group | grep webmasters # Create 'webmasters' group sudo addgroup webmasters # Add users to 'webmasters' group sudo usermod -a -G webmasters username sudo usermod -a -G webmasters vozman sudo usermod -a -G webmasters romanroskach # Group assignment changes won't take effect # until the users log out and back in. # Create directory sudo mkdir /etc/nginx/ # Check directory permissions ls -al /etc | grep nginx drwxr-xr-x 2 root root 4096 Dec 5 18:30 nginx # Change group owner of the directory sudo chgrp -R webmasters /etc/nginx/ # Check that the group owner is changed ls -al /etc | grep nginx drwxr-xr-x 2 root webmasters 4096 Dec 5 18:30 nginx # Give write permission to the group sudo chmod -R g+w /etc/nginx/ # Check ls -al /etc | grep nginx drwxrwxr-x 2 root webmasters 4096 Dec 5 18:30 nginx # Try to create file sudo -u username touch /etc/nginx/test.txt # should work sudo -u username touch /etc/test.txt # Permission denied 

Give write permission to /etc/systemd/system/ folder.

# List ACLs getfacl /etc/systemd/system getfacl: Removing leading '/' from absolute path names # file: etc/systemd/system # owner: root # group: root user::rwx group::r-x other::r-x # Add 'webmasters' group to an ACL sudo setfacl -m g:webmasters:rwx /etc/systemd/system # Check getfacl /etc/systemd/system getfacl: Removing leading '/' from absolute path names # file: etc/systemd/system # owner: root # group: root user::rwx group::r-x group:webmasters:rwx mask::rwx other::r-x sudo -u username touch /etc/systemd/system/test.txt # should work sudo -u username touch /etc/systemd/test.txt # Permission denied 

Источник

Читайте также:  Linux core dump enable

How I Give a User Permission to a Folder in Linux

Privacy is an essential part of someone’s life, whether social media or the workplace. It helps protect the personal and professional data that we don’t want to share with everybody. Sometimes, people work on sensitive data that couldn’t be shared inside or outside the firm.

Similarly, when multiple users are connected with the system, they may need some private access to the specific resources. If we talk about files or folders/directories permission, it means you allow them to read, write, or modify the files or directories. It is essential to revert the ownership of files/folders from the users who are not part of your current account but can own them.

It is assumed as challenging for a Linux user to access permission to a file or folder because they are a bit aware of it. Setting the permission to the specific folder is quite simple and can be done via command-line or GUI (we will later discuss how we can do it).

There are two levels in the Linux system for authorization that you must need to understand:

Let’s explain both of them to understand what categories they are further divided into:

Ownership:

If we talk about ownership of files or folders in the Linux operating system, they are split into 3 types:

The user-created the folder, and that’s why sometimes we claimed it as an owner. It is represented as “u” in the command line when giving access through commands.

A group contains several Linux users connected to a system having the same permission access. It is helpful when many users use the system and give them folder permission to access it. You can make a group to add all of them instead of allowing them individually. In this case, people other than the group couldn’t be able to access the folder. The representative form of group members in the Linux command-line is “g.”

The other category includes public users that are not part of group members or ownership. If you are permitting the others, we can say you are allowing everybody in the world to access the files/folders. Sometimes, it could be dangerous, so think twice before doing it. The public users are represented by “o”:

Читайте также:  Создать несколько папок одновременно linux

Permission:

There are 3 types of permission you can give to the owners we have mentioned below:

In the read (r) mode, a user can open a file/folder and read it, whereas the write (w) mode allows making changes in the file/folder. You have the authority to add content, remove or rename it.

Without executing (x) permission, you can only read and write to the file, but you can’t run it. To make the file executable, set the execute permission.

How to give the user permission to a folder in Linux:

You can give permission access to the user using a couple of approaches, via terminal and GUI.

Before directly jumping into it, note the specific commands to change permission and ownership.

  • chmod command is used to modify permission
  • chown command is used to modify ownership

How to give the user permission to a folder via command-line:

You can set permissions like read, write, or execute the folder through the “chmod” command in a terminal.

You can use the “chmod” command to modify permission settings in two different ways:

The difference between Absolute mode and symbolic mode is that in the Absolute mode, you can set permissions for all the owners (user, group, others) using the three-digit octal number instead of characters. Whereas in the symbolic mode, you can set permission through mathematical symbols and only for the specific owner.

Let’s demonstrate both of them:

Give user access to a folder through absolute mode:

To understand how we can give permission access to a folder through absolute mode, we need to understand the given table in which numbers are mentioned for all the permission types.

Numbers Permission Types Symbols for Permission
0 No Permission
1 Execute –x
2 Write -w-
3 Execute + Write -wx
4 Read r–
5 Read + Execute r-x
6 Read + Write rw-
7 Read + Write + Execute Rwx

Let’s run an example to check how it is working:

To display the current permission settings of the folder “Testing_folder,” run the following command:

  • First rw– represents🡪 a user (owner) who can read or write/edit the file but couldn’t be able to execute it since execute mode is set to “-.”
  • The second rw– represents 🡪 a group (all the users added to the group) that can read or write/edit the file.
  • The third r— represents 🡪 others (public) who can only read the file

Now execute the chmod command to change permission access:

(760 🡪 owners can read, write or execute the file, the group can read and write, and there is no access for the public users)

Читайте также:  Какую из линукс систем выбрать

Run the “ls” command to check the modification:

Give user access to a folder through symbolic mode:

Three operators are used in symbolic mode to set permission:

Operator Function
+ Add permission
Remove permission
= Set the permission and override the previous permission settings

As we have mentioned in the introductory part that how to represents owners. So, let’s start with an example:

Check the current permission setting of “Testing_folder” using the mentioned “ls” command:

To set permission to the user (owner), the command would be:

Now, execute the “ls” command to get the output:

To remove read permission from the user, run the command:

Now, execute the “ls” command to get results:

How to give a user permission to a folder via GUI:

Changing the file permission using the GUI is the simplest approach. Follow the listed steps:

Open the home directory, and navigate towards the targeted folder.

For example, to change the permission access to a folder “testing,” firstly, select it:

Right-click on the “testing” folder and select “Properties”:

The “Properties” window will appear with 3 tabs:

Navigate to the “Permissions” tab and select it:

From this tab, you can make changes according to the requirement.

Click on the “Change Permission for Enclosed Files,” and you will get a window that allows the user to modify the permission mode, i-e read and write mode for the owners:

Suppose the current permissions status of the “testing” folder is given below:

Let’s open the “change permissions” window and modify the entries as:

Navigate to the “change” button and click it.

Now, confirm using the “ls” command again in the terminal if changes have been made successfully.

Conclusion:

Set permission access to the files or folders is compulsory nowadays for security reasons because someone who is no longer a part of your system may also have folder access. To get control the security issues and keep the files safe, you can set permissions.

There are three categories of ownership i-e user, group, and others. And also, we have 3 types for permission settings such as read, write and execute.

You can give a user permission to the folder in two ways; via command-line and GUI. The GUI approach is better, in my opinion, as it is a pretty straightforward and simple way to set permissions.

About the author

Syeda Wardah Batool

I am a Software Engineer Graduate and Self Motivated Linux writer. I also love to read latest Linux books. Moreover, in my free time, i love to read books on Personal development.

Источник

Оцените статью
Adblock
detector