In Linux, you will find several remarkable security features that allow it to be on the list of the most secure operating systems. One is file or directory permissions granted to users to read, write, or create the files/directories on the system. This is used widely in organizations because there are so many employees and not all have permission to alter, read, create, or delete important files. How can you give a user permission to a folder in Linux? This is the question for today.
This guide is about user permissions on a folder in Linux, and after going through it, users will understand the following aspects.
- What are User Permissions, and How do you Check them in Linux?
- Using the setfacl Command
- Using the chmod Command
Let’s get started with the permissions!
What are User Permissions, and How do you Check them in Linux?
While accessing the files, you must have noticed the error “Access Denied,” which means that you don’t have permission to view the contents of it. This is because the owner of that file or directory did not share or permit you to view them. To check the permissions associated with a folder, use the “ls -ld” command in this format.
$ ls -ld File-or-FolderName
Here’s a folder named “Test” whose permissions are to be checked.
$ ls -ld Test
How to Give Permission to Directory Using the setfacl Command?
To change the user permissions of a directory or a file, the ‘setfacl’ command is used in this format.
$ sudo setfacl -m u:username:rwx myfolder
Here, “-m” stands for modification, followed by “u,” which means username. The “rwx” are permissions (read, write, and execute), and “myfolder” is the name of the directory. Here’s an example of it.
$ sudo setfacl -m u:newuser:r Test
The above command allows the “newuser” to have read access to the folder “Test.” To confirm this, execute this command.
$ getfacl Test
The above command displays the information regarding the permissions, and “newuser” now has the read permissions.
You can also grant permissions to a group that is a collection of users with the same access permissions. Groups manage access to resources such as files, directories, and devices. Here’s how the users can do it using the setfacl command.
$ setfacl -m g:dev:rwx folder
In the above command, the “g” mentions the group, and “dev” is the group’s name, while the “rwx” are the permissions, and “folder” is the name of the directory. It can be confirmed using this command.
$ getfacl folder
As seen above, the dev group now has the read, write and execute permissions.
If you use the “-R” flag, such as below, you can also change permissions for directories and their subdirectories.
$ setfacl -R -m u:newuser:rx Music
After executing the above command, “newuser” now has the read & execute (rx) permissions on “Music” directory and all its sub-directories. For confirmation, use this command.
$ getfacl Music/iTunes
iTunes is a subdirectory of Music on which the “newuser” has permission to read and execute (r&x).
How to Give Permission for Directory Using the chmod Command?
The chmod comes up with two variants, i.e., one is the symbolic representation, and the other is the octal. For better understanding, we will elaborate on both methods.
Using the Symbolic Notation
The symbolic notation specifies file permissions using characters instead of numbers. Using symbolic notation, you can select the permissions you want to set for the owner (u), group (g), others (o), or all (a) of a file or directory. You can also use the + or – signs to add or remove permissions and r, w, and x to represent the read, write, and execute permissions, respectively.
Syntax:
$ chmod symbolic_notation file
Example:
This syntax is used to give a user permission to a folder using the symbolic notation of the chmod command.
$ chmod u+xrwx,g+rx,o-rwx new1
This will give the user read, write, and execute permissions (+rwx), read and execute permissions to the user’s group (+rx), and no permissions (-rwx) to others which can be confirmed using this command.
$ ls -ld new1
The above command, when executed, the user reads, writes, and executes permissions (+rwx), reads and executes permissions to the user’s group (+rx), and no permissions (-rwx) to others.
Using Octal Notation
The octal notation is based on the combination of three numbers used to represent the permissions for the owner, group, and others. Each digit corresponds to the read, write, and execute permissions in that order as shown below:
$ chmod 755 testfolder
The chmod 755 commands will set the permissions on the “testfolder” directory to allow the owner to have all permissions, including read, write, and execute the directory, and let everyone else read and execute the directory.
Here’s what the numbers mean.
- Owner: read, write, execute (7)
- Group: read, execute (5)
- Others: read, execute (5)
Note: Only the chmod command can be used by the owner of the file or folder or by a user with superuser privileges.
Conclusion
The permissions that can be set on a folder/directory can be set, and other users can also read, write, or execute. There are two methods you can use, and we’d recommend using the setfacl command because it allows the owner to set permissions for a group or specific users.
