Rakesh Jain
Jun 5 · 23 tweets · 9 min read
Linux Advanced Permission Management 🐧🔒

Explaining SetUID, SetGID, Sticky Bit, FACLs -

A Thread 👇
1/10: Hey everyone! Let's talk about advanced permission management in Linux. 🚀 As you know, Linux is known for its robust security features, and permissions play a vital role in controlling access to files & directories. Let's dive in & explore some examples! #LinuxPermissions
2/10: First, we have the basic permission system: read, write, and execute, represented by the letters 'r', 'w', and 'x'. These permissions are assigned to three entities: owner, group, and others.

Let's see an example using the ls -l command. #LinuxPermissions
3/10: Suppose we have a file named 'example.txt' with the following permissions: '-rw-r--r--'. The first character indicates the file type, while the next nine characters represent the permissions. In this case, the owner has read & write permissions, while others can only read.
4/10: We can change permissions using the chmod command.

For instance, to grant execute permission to the owner, we would run: chmod u+x example.txt.
Similarly, we can modify permissions for groups ('g') and others ('o'). #LinuxPermissions
5/10: Sometimes, we need to grant certain permissions to multiple entities. That's where the 'a' (all) option comes in handy. If we want to allow everyone to read and execute the file, we can use: chmod a+rx example.txt. #LinuxPermissions
6/10: In addition to the basic perms, Linux also supports special permissions. One of them is the 'setuid' permission (s), which allows a user to execute a file with the permissions of the file owner.

For eg,
'chmod u+s executable'

sets the setuid permission for the owner.
7/10: Another special permission is 'setgid' (s) which allows a user to execute a file with the permissions of the group owner.

To set the setgid permission for a directory, use
'chmod g+s directory'.

#LinuxPermissions
8/10: Finally, we have the 'sticky' bit (t). When applied to a directory, it ensures that only the owner of a file can delete or rename it.

To set the sticky bit, use 'chmod +t directory'. #LinuxPermissions
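An added audit sketch for tweets 6 to 8 (not part of the original thread): it builds a constructed demo tree with the three special bits, then uses find to list setuid/setgid files and world-writable directories that lack the sticky bit. The function names and demo paths are assumptions made for the example.

```shell
#!/bin/sh
# Constructed demo tree: file names and modes below are made up for the example.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT

touch "$demo/plain" "$demo/helper"
chmod 0755 "$demo/plain"
chmod 4755 "$demo/helper"        # same bit as chmod u+s: runs with the file owner's UID
mkdir "$demo/team" "$demo/shared" "$demo/dropbox"
chmod 2775 "$demo/team"          # chmod g+s on a directory: new files inherit its group
chmod 1777 "$demo/shared"        # chmod +t: world-writable, but sticky
chmod 0777 "$demo/dropbox"       # world-writable with no sticky bit

# Regular files that run with the owner's or group's identity.
find_special_files() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print
}

# World-writable directories where any user can delete or rename others' files.
find_unsticky_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print
}

echo "setuid/setgid files:"
find_special_files "$demo"
echo "world-writable, no sticky bit:"
find_unsticky_dirs "$demo"
ls -ld "$demo"/*                 # s and t appear in the x positions of the mode string
```

Pointing the two functions at a real path such as / gives a baseline that can be compared between runs to spot newly added setuid or setgid files.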
9/10: These advanced permission features provide finer control over file access and security in Linux. Whether it's granting specific permissions to multiple entities or utilizing special permissions, Linux has you covered! #LinuxPermissions
10/10: That concludes our exploration of advanced permission management in Linux. 🎉 Understanding and utilizing these features will help you enhance security and control access effectively.
Now let's understand File Access Control Lists (FACL) in Linux 🐧🔒

Small Thread 👇
1/10: Let's explore an advanced feature in Linux called File Access Control Lists (FACL). 🚀 FACL provides a more granular level of access control beyond the traditional permission system. Let's dive in and see how it works! #FACL #LinuxSecurity
2/10: In the standard permission system, we have three entities: owner, group, and others. However, with FACL, we can assign specific permissions to individual users and groups. It allows for fine-grained control over file and directory access. #FACL #LinuxSecurity
3/10: To view the FACL of a file or directory, we can use the getfacl command. For example, running getfacl myfile.txt will display the FACL entries associated with 'myfile.txt'. Let's see an example output! #FACL #LinuxSecurity
4/10: Suppose we have a file named 'myfile.txt' with the following FACL entry:

user:john:rwx

This means that the user 'john' has read, write, and execute permissions on the file. Other users and groups will still follow the standard permission system. #FACL #LinuxSecurity
5/10: Now, let's add a FACL entry for a group. We can use the 'group:' prefix followed by the group name.

For instance:
group:admins:rw-

This grants read & write permissions to the group 'admins'. Other users & groups will still follow their respective std permissions. #FACL
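An added example (not part of the original thread) that reads getfacl-style output containing the two entries above and prints what each entry really grants. It goes one step beyond the thread by applying the ACL mask entry, which caps named users, named groups and the owning group; the sample output, the owner and group names and the function names are constructed for the example.

```shell
#!/bin/sh
# Constructed sample of `getfacl myfile.txt` output (owner and group names are made up).
sample_acl() {
cat <<'EOF'
# file: myfile.txt
# owner: alice
# group: staff
user::rw-
user:john:rwx
group::r--
group:admins:rw-
mask::r--
other::r--
EOF
}

# Print each entry with the rights it really grants: the mask caps named users,
# named groups and the owning group; owner (user::) and other are not affected.
acl_effective() {
    awk -F: '
    /^#/ || NF < 3 { next }
    { sub(/[ \t]*#.*/, "", $3)          # drop a trailing "#effective:" comment
      tag[++n] = $1; who[n] = $2; perm[n] = $3
      if ($1 == "mask") mask = $3 }
    END {
        for (i = 1; i <= n; i++) {
            if (tag[i] == "mask") continue
            p = perm[i]
            if (mask != "" && (tag[i] == "group" || (tag[i] == "user" && who[i] != ""))) {
                p = ""
                for (k = 1; k <= 3; k++) {
                    c = substr(perm[i], k, 1); m = substr(mask, k, 1)
                    p = p ((c != "-" && m != "-") ? c : "-")
                }
            }
            print tag[i] ":" who[i] ":" p
        }
    }'
}

sample_acl | acl_effective
```

A chmod that changes the group bits of a file with an ACL rewrites the mask, which is how john's rwx entry can end up granting only r--.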
6/10: We can add or modify FACL entries using the setfacl command. For example, to grant read and execute permissions to the user 'jane' on 'myfile.txt', we can run:

setfacl -m u:jane:rx myfile.txt

This adds the FACL entry 'user:jane:rx' to the file. #FACL #LinuxSecurity
7/10: FACLs can also be inherited by subdirectories. Using the '-R' option with setfacl, we can recursively apply FACLs to all files and directories within a directory. This helps maintain consistent access control across the directory tree. #FACL #LinuxSecurity
8/10: If we want to remove a specific FACL entry, we can use the setfacl command with the '-x' option.

For eg, to remove the FACL entry for the user 'john' on 'myfile.txt', we can run:

setfacl -x u:john myfile.txt

This removes the 'user:john:rwx' entry. #FACL #LinuxSecurity
9/10: FACLs are a powerful tool for access control in Linux, allowing fine-grained permissions for individual users and groups.

They provide flexibility and enhance security, especially in complex scenarios. #FACL #LinuxSecurity
10/10: That concludes our exploration of File Access Control Lists (FACL) in Linux. 🎉 By utilizing FACLs, u can further refine access ctrl & strengthen the security of your files & directories.

If u hv any qns, feel free to ask! Happy securing! 🔒🐧 #FACL #LinuxSecurity
Retweet the thread if you find it useful. Thanks!
