Linux user access to folder

How to allow folder permission for another user in Linux?

Consider two user accounts user1 and user2 on one Linux machine. I want user2 to be able to have read and write access to a folder in user1 home directory. So far created a group for both users and added both users

groupadd twousers usermod -a -G twousers user1 usermod -a -G twousers user2 
chgrp twousers /home/user1/folder chmod g+rwx /home/user1/folder 

Unfortunately user2 is still unable to access the folder /home/user1/folder . It seems to be quite simple but somehow I am lost. What am I missing?

Something often missed is the permissions on the parent directory. It’s possible that /home/user1 has no execute permission for user2. The simplest way to fix this would be chmod o+x /home/user1 since I guess you don’t want to change the group on the home directory you need to give everyone execute permission on it.

I swear that this exact same question was asked earlier this year but I wasn’t able to locate it. Anyway, the other user can’t access the directory because the home directory of each user is only traversable by the respective user. Rather than having the folder inside of another user’s home , just put it in mnt and change the permissions in that directory or create an NFS export that only the two users can access.

3 Answers 3

The problem you are experiencing was to expect. Indeed, you are trying to share a folder inside another user home folder, which, for obvious security reasons, is (and should) only be accessible to the owner (and root , but that’s another story).

In order to solve your problem, you should create another folder, where the potential parent(s) folder(s) will have the same permissions for both users e.g. /data/folder_to_share .

Here is a brief step-by-step example:

    Create a parent folder (not necessary but it’s for the sake of the example):

 # cd data # mkdir shared_folder 
 # cp -p /path/to/folder/* /data/shared_folder/ 
 # groupadd shared # usermod -aG share bob # usermod -aG share alice 

Depending on your use case, you could just have one level but this example shows how the parent folder permissions can affect a folder deeper into the filesystem and allows for more scalability and granularity.

Paradox’s answer is indeed the best answer. However I feel like it was not fully explained as to why a root folder should be created.

If you have a shared folder in /home/user1/sharedfolder then you need access to the folder /home/user1 as well (which was explained). But you should notice that /home/user1 is user/group owned by user1. user2 would need to be a part of the group user1 (or permissions of /home/user1 need to be 751 or more specifically gives «other users» executable permissions which is not a good idea) to access /home/user1 . Executable access to /home/user1 is required in order to access the shared folder. Like sometimes I forget that even the command «cd» is a program, and if you cant cd into /home/user1 as user2 then how can you access /home/user1/sharedFolder ?

Читайте также:  Linux info about package

So unless you want user2 to be able to access everything user1 has access to in their home folder then you would definitely require the use of a more «public meeting» spot rather than in the home. I mean, think about it this way you can’t share something in your home without giving access to your home in the first place.

Lets say you have a secondary hard drive / mounted folder. If you want multiple users to access that, I recommend to throw it into `/mnt/mountedFolder’, then have a shared group own that mountedFolder using the directions from the best answer above.

When using containers its acceptable to map /mnt/mountedFolder to a root folder inside the container like /data or /config and basically the user of your container would need to be apart of that shared group. Your container may create new users with different user IDs. if that user in the container creates a folder/file with its own permissions the users who had access to the /mnt/mountedFolder will be unable to access those folders/files unless those users are apart of the group of the containerised user group and that containerised user is creating files/folders where the group permission is g+rwx .

Hope this adds a better explanation for those who didn’t understand after the best answer. Dealing with permissions can frustrating because it seems like it should be so simple, but there’s actually a lot to consider. When you feel frustrated about permissions try not to do something silly and try to make everything have more elevated permissions than necessary. you are probably missing something.

Источник

How I Give a User Permission to a Folder in Linux

Privacy is an essential part of someone’s life, whether social media or the workplace. It helps protect the personal and professional data that we don’t want to share with everybody. Sometimes, people work on sensitive data that couldn’t be shared inside or outside the firm.

Similarly, when multiple users are connected with the system, they may need some private access to the specific resources. If we talk about files or folders/directories permission, it means you allow them to read, write, or modify the files or directories. It is essential to revert the ownership of files/folders from the users who are not part of your current account but can own them.

It is assumed as challenging for a Linux user to access permission to a file or folder because they are a bit aware of it. Setting the permission to the specific folder is quite simple and can be done via command-line or GUI (we will later discuss how we can do it).

There are two levels in the Linux system for authorization that you must need to understand:

Let’s explain both of them to understand what categories they are further divided into:

Ownership:

If we talk about ownership of files or folders in the Linux operating system, they are split into 3 types:

Читайте также:  Overwriting files in linux

The user-created the folder, and that’s why sometimes we claimed it as an owner. It is represented as “u” in the command line when giving access through commands.

A group contains several Linux users connected to a system having the same permission access. It is helpful when many users use the system and give them folder permission to access it. You can make a group to add all of them instead of allowing them individually. In this case, people other than the group couldn’t be able to access the folder. The representative form of group members in the Linux command-line is “g.”

The other category includes public users that are not part of group members or ownership. If you are permitting the others, we can say you are allowing everybody in the world to access the files/folders. Sometimes, it could be dangerous, so think twice before doing it. The public users are represented by “o”:

Permission:

There are 3 types of permission you can give to the owners we have mentioned below:

In the read (r) mode, a user can open a file/folder and read it, whereas the write (w) mode allows making changes in the file/folder. You have the authority to add content, remove or rename it.

Without executing (x) permission, you can only read and write to the file, but you can’t run it. To make the file executable, set the execute permission.

How to give the user permission to a folder in Linux:

You can give permission access to the user using a couple of approaches, via terminal and GUI.

Before directly jumping into it, note the specific commands to change permission and ownership.

  • chmod command is used to modify permission
  • chown command is used to modify ownership

How to give the user permission to a folder via command-line:

You can set permissions like read, write, or execute the folder through the “chmod” command in a terminal.

You can use the “chmod” command to modify permission settings in two different ways:

The difference between Absolute mode and symbolic mode is that in the Absolute mode, you can set permissions for all the owners (user, group, others) using the three-digit octal number instead of characters. Whereas in the symbolic mode, you can set permission through mathematical symbols and only for the specific owner.

Let’s demonstrate both of them:

Give user access to a folder through absolute mode:

To understand how we can give permission access to a folder through absolute mode, we need to understand the given table in which numbers are mentioned for all the permission types.

Numbers Permission Types Symbols for Permission
0 No Permission
1 Execute –x
2 Write -w-
3 Execute + Write -wx
4 Read r–
5 Read + Execute r-x
6 Read + Write rw-
7 Read + Write + Execute Rwx

Let’s run an example to check how it is working:

To display the current permission settings of the folder “Testing_folder,” run the following command:

  • First rw– represents🡪 a user (owner) who can read or write/edit the file but couldn’t be able to execute it since execute mode is set to “-.”
  • The second rw– represents 🡪 a group (all the users added to the group) that can read or write/edit the file.
  • The third r— represents 🡪 others (public) who can only read the file
Читайте также:  Pack tar gz linux

Now execute the chmod command to change permission access:

(760 🡪 owners can read, write or execute the file, the group can read and write, and there is no access for the public users)

Run the “ls” command to check the modification:

Give user access to a folder through symbolic mode:

Three operators are used in symbolic mode to set permission:

Operator Function
+ Add permission
Remove permission
= Set the permission and override the previous permission settings

As we have mentioned in the introductory part that how to represents owners. So, let’s start with an example:

Check the current permission setting of “Testing_folder” using the mentioned “ls” command:

To set permission to the user (owner), the command would be:

Now, execute the “ls” command to get the output:

To remove read permission from the user, run the command:

Now, execute the “ls” command to get results:

How to give a user permission to a folder via GUI:

Changing the file permission using the GUI is the simplest approach. Follow the listed steps:

Open the home directory, and navigate towards the targeted folder.

For example, to change the permission access to a folder “testing,” firstly, select it:

Right-click on the “testing” folder and select “Properties”:

The “Properties” window will appear with 3 tabs:

Navigate to the “Permissions” tab and select it:

From this tab, you can make changes according to the requirement.

Click on the “Change Permission for Enclosed Files,” and you will get a window that allows the user to modify the permission mode, i-e read and write mode for the owners:

Suppose the current permissions status of the “testing” folder is given below:

Let’s open the “change permissions” window and modify the entries as:

Navigate to the “change” button and click it.

Now, confirm using the “ls” command again in the terminal if changes have been made successfully.

Conclusion:

Set permission access to the files or folders is compulsory nowadays for security reasons because someone who is no longer a part of your system may also have folder access. To get control the security issues and keep the files safe, you can set permissions.

There are three categories of ownership i-e user, group, and others. And also, we have 3 types for permission settings such as read, write and execute.

You can give a user permission to the folder in two ways; via command-line and GUI. The GUI approach is better, in my opinion, as it is a pretty straightforward and simple way to set permissions.

About the author

Syeda Wardah Batool

I am a Software Engineer Graduate and Self Motivated Linux writer. I also love to read latest Linux books. Moreover, in my free time, i love to read books on Personal development.

Источник

Оцените статью
Adblock
detector