Linux write permission to file

How do I give write permission to file in Linux?

How can I (programmatically) give write permission on a file to a particular user in Linux? Like, for example, its owner? Everyone has read access to this file.

This is not off-topic. This is a specific programming problem. The question is not stellar, but it’s not off-topic.

5 Answers 5

In a shell or shell script simply use:

This only modifies the write bit for the user, all other flags remain untouched.

If you want to do it in a C program, you need to use:

int chmod(const char *path, mode_t mode); 

First query the existing mode via

int stat(const char *path, struct stat *buf); 

. and just set the write bit by doing newMode = oldMode | S_IWUSR . See man 2 chmod and man 2 stat for details.

If you are setting it, you can skip querying the current one and ORing the mode, and directly use chmod(path, 0666); .

@Delan Azabani: The poster said: «give write permission of a file to a particular user». Your code would give everyone write access which is probably not what the poster wanted. If you want to preserve the access modes for group and other you must query the current mode and OR with the desired flag.

Gah, I made a mistake, sorry. Sorry, I meant chmod(path, 0644); , which should do what is expected. I interpreted the «But, which can be accessed and read by any other user.» part as a green light to resetting the group and other modes.

The octal mode 644 will give the owner read and write permissions, and just read permissions for the rest of the group, as well as other users.

read = 4 write = 2 execute = 1 owner = read | write = 6 group = read = 4 other = read = 4 

The basic syntax of the command to set the mode is

#include chmod("[file name]", 0644); 

The problem here is that you’re also modifying the flags for group and others. That may or may not be what the poster wants, it isn’t exactly clear from his question. But in your C example you’re using mode 0666 instead of the 0644 you’ve proposed earlier. That would give everyone write access which most likely is not what the poster wanted.

Again, sorry, I made a mistake there; fixed. I interpreted the «But, which can be accessed and read by any other user.» part as a green light to resetting the group and other modes.

@Delan Azabani: Yes, you might be right here, I’ve overlooked that part. The question really should have been more specific.

Источник

Linux chmod and chown – How to Change File Permissions and Ownership in Linux

Zaira Hira

Zaira Hira

Linux chmod and chown – How to Change File Permissions and Ownership in Linux

Linux is a multi user OS which means that it supports multiple users at a time.

As many people can access the system simultaneously and some resources are shared, Linux controls access through ownership and permissions.

Читайте также:  Linux mint поиск дубликатов файлов

Linux file ownership

In Linux, there are three types of owners: user , group , and others .

Linux User

A user is the default owner and creator of the file. So this user is called owner as well.

Linux Group

A user-group is a collection of users. Users that belonging to a group will have the same Linux group permissions to access a file/ folder.

You can use groups to assign permissions in a bulk instead of assigning them individually. A user can belong to more than one group as well.

Other

Any users that are not part of the user or group classes belong to this class.

Linux File Permissions

File permissions fall in three categories: read , write , and execute .

Read permission

For regular files, read permissions allow users to open and read the file only. Users can’t modify the file.

Similarly for directories, read permissions allow the listing of directory content without any modification in the directory.

Write permission

When files have write permissions, the user can modify (edit, delete) the file and save it.

For folders, write permissions enable a user to modify its contents (create, delete, and rename the files inside it), and modify the contents of files that the user has write permissions to.

Execute permission

For files, execute permissions allows the user to run an executable script. For directories, the user can access them, and access details about files in the directory.

Below is the symbolic representation of permissions to user, group, and others.

image-157

Note that we can find permissions of files and folders using long listing ( ls -l ) on a Linux terminal.

image-158

In the output above, d represents a directory and — represents a regular file.

image-159

How to Change Permissions in Linux Using the chmod Command

Now that we know the basics of ownerships and permissions, let’s see how we can modify permissions using the chmod command.

Syntax of chmod :

chmod permissions filename
  • permissions can be read, write, execute or a combination of them.
  • filename is the name of the file for which the permissions need to change. This parameter can also be a list if files to change permissions in bulk.

We can change permissions using two modes:

  1. Symbolic mode: this method uses symbols like u , g , o to represent users, groups, and others. Permissions are represented as r, w, x for read write and execute, respectively. You can modify permissions using +, — and =.
  2. Absolute mode: this method represents permissions as 3-digit octal numbers ranging from 0-7.

Now, let’s see them in detail.

How to Change Permissions using Symbolic Mode

The table below summarize the user representation:

User representation Description
u user/owner
g group
o other

We can use mathematical operators to add, remove, and assign permissions. The table below shows the summary:

Operator Description
+ Adds a permission to a file or directory
Removes the permission
= Sets the permission if not present before. Also overrides the permissions if set earlier.

Example:

Suppose, I have a script and I want to make it executable for owner of the file zaira .

Current file permissions are as follows:

image-161

Let’s split the permissions like this:

image-160

To add execution rights ( x ) to owner ( u ) using symbolic mode, we can use the command below:

Now, we can see that the execution permissions have been added for owner zaira .

Читайте также:  Как остановить сервис linux

image-162

Additional examples for changing permissions via symbolic method:

  • Removing read and write permission for group and others : chmod go-rw .
  • Removing read permissions for others : chmod o-r .
  • Assigning write permission to group and overriding existing permission: chmod g=w .

How to Change Permissions using Absolute Mode

Absolute mode uses numbers to represent permissions and mathematical operators to modify them.

The below table shows how we can assign relevant permissions:

Permission Provide permission
read add 4
write add 2
execute add 1

Permissions can be revoked using subtraction. The below table shows how you can remove relevant permissions.

Permission Revoke permission
read subtract 4
write subtract 2
execute subtract 1
  • Set read (add 4) for user , read (add 4) and execute (add 1) for group, and only execute (add 1) for others.

This is how we performed the calculation:

image-163

Note that this is the same as r—r-x—x .

To remove execution from other and group , subtract 1 from the execute part of last 2 octets.

image-164

  • Assign read , write and execute to user , read and execute to group and only read to others.

This would be the same as rwxr-xr— .

image-165

How to Change Ownership using the chown Command

Next, we will learn how to change the ownership of a file. You can change the ownership of a file or folder using the chown command. In some cases, changing ownership requires sudo permissions.

How to change user ownership with chown

Let’s transfer the ownership from user zaira to user news .

image-167

Command to change ownership: sudo chown news mymotd.sh

image-168

How to change user and group ownership simultaneously

We can also use chown to change user and group simultaneously.

How to change directory ownership

You can change ownership recursively for contents in a directory. The example below changes the ownership of the /opt/script folder to allow user admin .

How to change group ownership

In case we only need to change the group owner, we can use chown by preceding the group name by a colon :

Linux Permissions Guided Exercise

Up until now we have explored permissions, ownerships, and the methods to change them. Now we will reinforce our learning with a guided exercise.

Goal: To create groups and assign relevant permissions to its members. Verify access by accessing it from unauthorized users.

Task: Create a group called dev-team and add two members (John and Bob) to it. Create a folder /home/dev-team and change ownership to group dev-team . Verify that both users in the dev-team group have read and write access to the folder.

Create another group project-manager and add a user Fatima to it. Verify if the folder /home/dev-team is accessible by Fatima .

Visualization of the problem

We can visualize the problem like this:

Notes_220426_040131_1

Step 1: Switch to root user.
Switch to root user so that we have the rights to create new users and groups.

Use the sudo command with flag i .

If you have the root password, you can login using that as well.

Enter sudo -i to switch to the root user.

Enter whoami to find out if you are the root user:

step1-1

If you do not have root access, use the commands with appending sudo .

Step 2: Create a group dev-team

Syntax: groupadd group-name

Enter groupadd dev-team to create the dev-team group

Verify: cat /etc/group | grep dev-team

Step 3: Create two new users John and Bob and add them to the dev-team group

Читайте также:  Linux mint поддержка до какого года

useradd creates a new user and adds to the specified group.

Syntax: useradd -G groupname username

Where -G specifies the group.

Verify: cat /etc/group | grep dev-team

step3-1

Step 4: Provide passwords for users John and Bob

passwd creates a password for users.

Step 5: Create a directory in /home and name it dev-team

mkdir creates a directory.

Syntax: mkdir directory-name

correction

Step 6: Change the group ownership of the folder dev-team to group dev-team

Syntax: chown :group-name folder

chown :dev-team /home/dev-team/

step6

Step 7: Make sure the permissions of folder dev-team allow group members to create and delete files.

Write permissions allow users and groups to create and delete files.

Syntax: chmod permissions folder

step7

Step 8: Ensure that ‘others’ don’t have any access to the files of dev-team folder.

Remove read, write, execute permissions from ‘others’ if they exist.

Syntax: chmod permissions folder

correction2

Step 9: Exit the root session and switch to John

Use command exit to logout of the root user.

To confirm current user, use command whoami .

Verify with command whoami .

Step 10: Navigate to folder: /home/dev-team

Use command cd to switch folders.

Confirm current path with pwd .

Step 11: Create an empty file in the folder: /home/dev-team

Use command touch to create an empty file.

john

Step 12: Change the group ownership of the created file to dev-team and verify.

Use command chown to change ownership.

Syntax: chown :group file-name

chown :dev-team john-file.txt

Once group ownership is modified, all members of the group can access this file.

step10

Step 13: Exit the shell and switch to user Bob

Use command exit to exit the terminal.

To confirm current user, use command whoami .

Verify the current user with command whoami .

Step 14: Navigate to the path /home/dev-team

Use command cd to switch folders.

Confirm current path with pwd .

Step 15: Find out Bob’s privileges to access john-file.txt

Use command ls -l for long listing.

Syntax: ls -l | grep file-name

Does group have rw- permissions?

step13

Step 16: Modify the file john-file.txt while logged in as Bob

Use command echo to add some text to the file.

Syntax: echo «Some text» >>file-name

This would redirect the quoted text to end of the file.

echo «This is Bob’s comment» > john-file.txt

If all the permissions are correctly set, Bob would be allowed to edit and save this file. Otherwise you would get an error like this: Permission denied .

bob-comment

Step 17: Create another group project-manager and assign a member Fatima to it

Use command groupadd to add a new group.

Syntax: groupadd group-name

Create a new user with command useradd .

Use flag -G to assign a user to it.

groupadd project-manager useradd -G project-manager Fatima passwd Fatima 

Step 18: Navigate to folder /home/dev-team and verify if Fatima can access it

Use cd to navigate to /home/dev-team .

fatima

This is because, others don’t have any access to the folder dev-team .

If we recall, below are the rights of the dev-team folder.

recall

Wrapping up

Permissions and ownerships are useful concepts for enforcing security across multi-user operating systems. I hope you were able to learn about changing permissions and ownerships in depth.

What’s your favorite thing you learned from this tutorial? Let me know on Twitter!

You can also read my other posts here.

Thanks to Tom Mondloch for his help with the guided exercise.

Источник

Оцените статью
Adblock
detector