Here is all you need to know. From my notebook.
- One Owner and Group per folder and file
- Multiple users can be in a group to be granted the same permissions
- Bit-level permissions control whether Owner, Group, and Others (Public) have permission
chmod ogp -options /directory/of/folder/file
options: -R | changes permission for all files and folders in the tree
These contain number values 1 2 and 4. 1 is execute. 2 is write. 4 is read.
example: chmod 774 /home/cmtech = owner and group can read write and execute while others can only read.
chown username:groupname /directory/of/folder/file - changes the owner of the file or folder
chgrp groupname /directory/of/folder/file - changes group of file or folder
To apply permissions to all subfolders/files use option -R for recursive. Ex: sudo chown owner -R /home/owner
useradd username - creates new user and group that are equal
groupadd groupname - creates group
adduser username groupname - adds user to group
usermod -G groupname username - adds user to group as primary
usermod -a -G groupname username - adds user to group as secondary
Folder Inheritance/Default Permissions
Newly created folders or files in Linux by default do not inherit permissions from their parent, unlike in Windows. This is one feature I honestly wish was available by default, as it creates a lot of issues for public folders. For example, if we have a purely public folder, but user A creates a file, only user A will have write access to that file, so no one else will be able to delete this file. This makes it hard for Administrators to delete unnecessary files/folders or to achieve a purely public/everyone folder.
The plus side of this is that when a user creates a file in a public folder, it is only for others to view. That user will decide whether to delete it or not. This is more or less a privileged folder, so we will call it privilege.
To enable folder inheritance, simply use the command below. Make sure to have set all the permissions of the folder, subfolders, and files before using this command.
setfacl -R -d -m u:username:rwx,g:groupname:rwx,o::rwx /directory
mount -o remount,acl /
If setfacl doesn't work, make sure to sudo apt-get install acl
Edited by retnaut, 29 September 2013 - 08:51 PM.
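An added example, not part of the original post: it decodes a numeric mode using the 4/2/1 values from the notes and shows that a file created in a 777 directory takes its mode from the umask, not from the parent. The function names are hypothetical, and GNU `stat -c` (standard on Linux) is assumed.

```shell
#!/bin/sh
# Added example, not from the original post. Works only in throwaway temp dirs.

# Decode one octal digit with the post's values: 4=read, 2=write, 1=execute.
digit_to_rwx() {
    d=$1
    out=""
    if [ $((d & 4)) -ne 0 ]; then out="${out}r"; else out="${out}-"; fi
    if [ $((d & 2)) -ne 0 ]; then out="${out}w"; else out="${out}-"; fi
    if [ $((d & 1)) -ne 0 ]; then out="${out}x"; else out="${out}-"; fi
    printf '%s' "$out"
}

# Decode a three-digit mode (owner, group, others), e.g. 774 -> rwxrwxr--.
mode_to_rwx() {
    m=$1
    owner=${m%??}      # first digit
    rest=${m#?}        # last two digits
    group=${rest%?}    # middle digit
    others=${m#??}     # last digit
    printf '%s%s%s' "$(digit_to_rwx "$owner")" \
        "$(digit_to_rwx "$group")" "$(digit_to_rwx "$others")"
}

# Create a file in a directory of mode $1 while the umask is $2, then print
# the new file's mode. The result is 666 masked by the umask; the parent
# directory's mode is not inherited.
new_file_mode() {
    dir=$(mktemp -d) || return 1
    chmod "$1" "$dir"
    ( umask "$2"; : > "$dir/note.txt" )
    stat -c '%a' "$dir/note.txt"   # assumes GNU stat
    rm -rf "$dir"
}

echo "774 decodes to $(mode_to_rwx 774)"
echo "file created in a 777 directory with umask 022: $(new_file_mode 777 022)"
echo "file created in a 777 directory with umask 027: $(new_file_mode 777 027)"
```

A default ACL set with `setfacl -d` on the directory changes this result, which is the inheritance behaviour the post enables.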