![]() ![]() They let us "tack on" access for other users or groups. This type of situation is what Linux Access Control Lists (ACLs) were intended to resolve.ĪCLs allow us to apply a more specific set of permissions to a file or directory without (necessarily) changing the base ownership and permissions. This situation can be tricky because, with regular permissions, each file and directory can have only one user and group owner at a time. ![]() ![]() What if you have an accounting intern (Kenny) who needs to be able to read certain files (or even just the files owned by Fred, his manager)? Or maybe people in the sales department also need access to the accounting owner’s files to create invoices for Fred’s team in order to bill customers, but you don’t want the sales team to see the other reports that Fred's team generates. However, that's outside the scope of this discussion. Note: You can also use special permissions to control settings like who actually owns new files created in that directory, as well as the sticky bit which controls whether members of the group can delete each other's files. So, we might change the permissions to this: drwxrwx- 2 accounting accounting 12 Jan 8 15:13. Others (users not in the accounting department) can, however, see and execute what’s in there, which some might think is a bad idea. The accounting service user (the user owner) can read and write to the directory, and members of the accounting group (or owner group) can read and write. You might set these permissions to: drwxrwxr-x 2 accounting accounting 12 Jan 8 15:13 Say that you have a directory where files from the accounting department live. These levels of access are often adequate in many cases. With these permissions, we can grant three (actually five, but we’ll get to that in a minute) types of access: The Linux filesystem gives us three types of permissions. How well do you know Linux? Take a quiz and get a badge.Linux system administration skills assessment.A guide to installing applications on Linux.Download RHEL 9 at no charge through the Red Hat Developer program. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |