Diagnose and correct file permission problems

6. Create and Configure File Systems

📘 Red Hat Certified System Administrator (RHCSA – EX200)


In IT systems, file permissions are rules that control who can read, write, or execute a file or folder. Understanding and fixing permission problems is essential to ensure that users and applications can access files safely without causing security issues.


1. Understanding File Permissions in Linux

Linux (and Unix-based systems) uses three main permission types for three different groups:

Permission types:

  • Read (r): Allows viewing the file content.
  • Write (w): Allows modifying the file content.
  • Execute (x): Allows running the file as a program or script.

Groups:

  1. Owner: The user who owns the file.
  2. Group: Other users in the same group as the file.
  3. Others: All other users on the system.

Example:

-rwxrw-r--
  • rwx → Owner can read, write, and execute.
  • rw- → Group can read and write.
  • r-- → Others can only read.

2. Checking Permissions

To diagnose permission issues, first check who owns the file and its current permissions:

ls -l /path/to/file

Output example:

-rw-r--r-- 1 alice developers 1024 Mar 12 10:30 report.txt
  • Owner: alice
  • Group: developers
  • Permissions: rw- for owner, r-- for group and others.

3. Common Permission Problems

  1. User cannot read a file
    • Cause: Read permission missing.
    • Example: cat report.txt (if access is denied, check the permissions).
  2. User cannot write to a file
    • Cause: Write permission missing or file is owned by another user.
    • Example: echo "Update" >> report.txt
  3. User cannot execute a script
    • Cause: Execute permission missing.
    • Example: ./backup.sh
  4. Access denied even with correct permissions
    • Cause: The file may be on a mounted filesystem with restricted permissions (like NFS), or an ACL may be restricting access.

4. Correcting Permissions

You can change file permissions using the chmod command.

Syntax:

chmod [options] permissions file

Two ways to specify permissions:

  1. Symbolic: Using letters
    chmod u+x script.sh # Adds execute for owner
    chmod g-w report.txt # Removes write for group
    chmod o+r file.txt # Adds read for others
    • u → owner (user)
    • g → group
    • o → others
    • + → add permission
    • - → remove permission
    • = → set exact permission
  2. Numeric (Octal):
    Each permission has a number:
    • Read = 4
    • Write = 2
    • Execute = 1
    Add them up for each group:
    chmod 755 script.sh
    • Owner: 7 (4+2+1 → rwx)
    • Group: 5 (4+0+1 → r-x)
    • Others: 5 (r-x)

5. Correcting Ownership

Sometimes, permission issues occur because the wrong user or group owns the file.

Use the chown command:

chown owner:group /path/to/file

Example:

chown alice:developers report.txt
  • Changes the owner to alice
  • Changes the group to developers

6. Advanced Permissions: ACLs

In modern IT environments, Access Control Lists (ACLs) allow more detailed permissions.

Check ACLs:

getfacl /path/to/file

Set ACLs:

setfacl -m u:bob:rw file.txt  # Give user bob read/write

ACLs are useful when multiple users need different levels of access that the standard owner/group/others model cannot handle.


7. Diagnosing Permission Problems

Step-by-step approach:

  1. Check current permissions: ls -l file.txt
  2. Check ownership: ls -l file.txt
    • Verify owner and group.
  3. Check ACLs (if normal permissions are correct but access is still denied): getfacl file.txt
  4. Check mount options (for network drives or external storage):
    • Some mounts can be read-only:
    mount | grep /mnt/share
  5. Correct permissions or ownership:
    • Use chmod and chown as needed.
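
Steps 1 and 2 combined into one check, as an added example that is not part of the original guide: given a file, a UID and a list of GIDs, it reports which single permission class (owner, group or others) applies to that user and what that class grants. It assumes GNU stat; the function names triplet and effective_class are hypothetical, and ACLs and mount options are not evaluated.

```sh
#!/bin/sh
# Added example, not from the original guide. Assumes GNU stat (coreutils).
# Function names are hypothetical. ACLs are not evaluated (use getfacl), and
# root bypasses most of these checks.

# triplet DIGIT: turn one octal digit into its rwx string, e.g. 5 -> r-x
triplet() {
    t=""
    if [ $(( $1 & 4 )) -ne 0 ]; then t="${t}r"; else t="${t}-"; fi
    if [ $(( $1 & 2 )) -ne 0 ]; then t="${t}w"; else t="${t}-"; fi
    if [ $(( $1 & 1 )) -ne 0 ]; then t="${t}x"; else t="${t}-"; fi
    printf '%s' "$t"
}

# effective_class FILE UID "GID ...": print the one class that applies to
# that user, with its bits. Owner is tested first, then group, then others;
# a match stops the search even if a later class would grant more.
effective_class() {
    ec_file=$1; ec_uid=$2; ec_gids=$3
    ec_stat=$(stat -c '%a %u %g' -- "$ec_file") || return 1
    set -- $ec_stat                      # $1=octal mode  $2=owner uid  $3=gid
    ec_mode=$1; ec_fuid=$2; ec_fgid=$3
    if [ "$ec_uid" -eq "$ec_fuid" ]; then
        printf 'owner %s\n' "$(triplet $(( ec_mode / 100 % 10 )))"
        return 0
    fi
    for ec_g in $ec_gids; do
        if [ "$ec_g" -eq "$ec_fgid" ]; then
            printf 'group %s\n' "$(triplet $(( ec_mode / 10 % 10 )))"
            return 0
        fi
    done
    printf 'others %s\n' "$(triplet $(( ec_mode % 10 )))"
}

# Usage: sh perm_class.sh /path/to/file   (reports for the invoking user)
if [ "$#" -ge 1 ]; then
    effective_class "$1" "$(id -u)" "$(id -G)"
fi
```

A file with mode 047 reports "owner ---" for its owner, which is why the owner can be denied access even though others have full access.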

8. IT Environment Examples

  1. Web server files
    • Apache or Nginx must read website files.
    • Commands: chown www-data:www-data /var/www/html/index.html
      chmod 644 /var/www/html/index.html
  2. Scripts for automated tasks
    • Must be executable by the automation user.
    • Command: chmod +x /usr/local/bin/backup.sh
  3. Shared project folder
    • Multiple developers need read/write.
    • Commands: chown -R alice:developers /srv/projects
      chmod -R 770 /srv/projects

9. Key Commands to Remember for the Exam

Task                          Command Example
View permissions              ls -l filename
Change permissions            chmod 755 script.sh
Change owner                  chown alice file.txt
Check ACL                     getfacl file.txt
Set ACL                       setfacl -m u:bob:rw file.txt
Diagnose mount permissions    mount

10. Exam Tips

  • Always check owner, group, and permissions before making changes.
  • Remember the order: diagnose → fix permissions → fix ownership → check ACLs.
  • Numeric (chmod 755) and symbolic (chmod u+x) are both acceptable on the exam.
  • Understand practical scenarios like web servers, scripts, shared folders.

This covers everything necessary for Sub-topic 6.5 for your exam in a clear, IT-focused way.
