Granting Users Access to Privileged Files

Linux dedicated servers set permissions for every file, including applications.  Fortunately, it is very quick and easy to change the permissions of files in order to give specific users access.

First, it is important to understand how ownership and permissions work in Linux.  Every file has an owner, and that owner belongs to a group.  When you type “ls -al” from the command line of any directory, every file will display ownership and permission information before its name.  It will look something like this:

rwxr-xr-x 2  user user 4096 2011-04-21 09:24 filename

“rwxr-xr-x” tells you the current permissions for the file.  It tells you that the file named “filename” is readable, writable, and executable (rwx) to its owner, readable and executable (r-x) to its owner’s group, and readable and executable (r-x) to everyone else.  This can be written as 755.   Furthermore, the owner is named “user” and belongs to a group called “user”.

To give reza from the group reza permissions to edit the file, you could simply make it world writable (666, 766 or even 777), but doing so would mean everyone else could also have access to it.  In this case you have a couple of options.  One is to make reza the owner of the file.  If, however, multiple users will need the same permissions, you could also create a group specifically for them and change the file’s ownership to that group.  To do this, run the following command:

chown user:newgroup filename

Replace “newgroup” with the name of the group you have created.  Then, assign write permissions only to the owner and the group:

chmod 664 filename

From that point on, only user, reza, and anyone else in the “newgroup” group can edit the file, and everyone can view it.











Comments: