Solved

How to  give access permission  for a folder for  different users with different access rights in linux?

Posted on 2008-06-13
5
11,988 Views
Last Modified: 2013-12-16
I want to give a access permission for 4 users for the same folder (Foler Name: source_code) with different access rights in linux.

I want to give access rights for a folder in GUI mode and in command line mode.

for user1 = read and execute
for user2 = read, write and execute.
for user3 = read only.
for user4 = read only.

Any Help?
0
Comment
Question by:rajasekarramasamy
5 Comments
 
LVL 16

Expert Comment

by:Blaz
ID: 21777631
File permisions in linux are for three groups of users: rights for the owner, rights for the group andrights for all users.

Your case can be easily implemented by this scheme if you say that ALL users have read access (and all users include user3 and user4).

So:
Chmod 754 *
Chown user2:user1group *

Provided that you have a group named user1group in which there is only the user user1.
0
 
LVL 48

Expert Comment

by:Tintin
ID: 21777710
Are you aware that user3 and user4 won't be able to list any files in the folder?
0
 
LVL 2

Accepted Solution

by:
prince_ban earned 125 total points
ID: 21778018
Well this requires acl
(access control list ) concept as we are using different access controls on a particular directory or folder:

1. mount the filesystem with acl parameter so that acls can be executed
   
    mount -t ext3 -o acl devicename mountpoint/partition
   
2. make entry in fstab for persistance during boot times

eg. LABEL=/work      /work       ext3    acl        1 2

3. get the acl parameters to check from folder

   getfacl foldername

4. set acl on it acc. to contitions above

   setfacl -m u:user1:r-x foldername
   setfacl -m u:user2:rwx foldername
   setfacl -m u:user3:r-- foldername
   setfacl -m u:user4:-- foldername

5. verify all by seeing all control contexts by

 getfacl fodlername

follow above & lemm know if thrs still any issue with the above.


     
     
0
 
LVL 48

Expert Comment

by:Tintin
ID: 21782517
prince_ban, ACL's are not necessarily needed.  It just depends if user1 is in a unique group.
0
 
LVL 23

Assisted Solution

by:Mysidia
Mysidia earned 125 total points
ID: 21787268
ACLs may still be needed (if you do not wish to tweak permissions of the parent directory), because it is implicit that there are user6, user7, and user8 may exist who should have no access at all.   Granting world read access is probably unacceptable from a security standpoint.

The information must be confidential, and there may be other users of the system, otherwise  "user3" and "user4"  would not be listed as the only users that have read-only access.

There are two issues here:
* What permissions and ownerships to set on the folder
* What permissions and ownerships to set on files in the folder

It's actually not very useful to give a user "read" permission to a directory but not "execute".

The reason is without "execute" permission to a directory, you can't do anything with it.
In fact, you cannot CD into the directory or read any file from it without execute permission.

If you want to restrict the ability to execute a file, you have to use file permissions (not folder permissions)

With ACLs you _can_  set the default permissions for new files in the folder.

You can specify (for instance)

(First apply ACLs to the files)
setfacl -R -m group:firstgroup:rwx  (foldername)
setfacl -R -m group:secondgroup:r-x  (foldername)
setfacl -R -m group:thirdgroup:r--  (foldername)

(Then apply ACLs to the folder)
setfacl -m default:group:firstgroup:rwx   (foldername)

mask:---
group:firstgroup:rwx
group:secondgroup:r-x
group:thirdgroup:r-x
defaut:group:firstgroup:rwx
default:group:secondgroup:r-x
default:group:thirdgroup:r--


'default'  pertains to the initial permissions that new files get when you create them
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

You ever wonder how to backup Linux system files just like Windows System Restore?  Well you can use Timeshift in Linux to perform those similar action.  This tutorial will show you how to backup your system files and keep regular intervals. Note…
1. Introduction As many people are interested in Linux but not as many are interested or knowledgeable (enough) to install Linux on their system, here is a safe way to try out Linux on your existing (Windows) system. The idea is that you insta…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now