DEV Community

Cover image for File Permissions, Ownership, and Sudo Access in Red Hat Linux
shamain anjum
shamain anjum

Posted on

File Permissions, Ownership, and Sudo Access in Red Hat Linux

#cloudwhistler #linux #redhat #devops

Welcome to Day 13 of the 30 Days of Linux Challenge!

Today we’re tackling a core security topic in Linux: understanding how to control access to files, processes, and administrative privileges.

Red Hat-based systems like RHEL, CentOS, and Rocky Linux use a powerful and flexible permissions system to govern everything — from who can execute a script to who can restart the firewall.

📚 Table of Contents

Why Permissions Matter

Linux is designed for multi-user environments — whether you're running a server with hundreds of users or managing your own cloud-hosted VM.

Proper permission management helps you:

  • Prevent unauthorized access
  • Avoid accidental deletions or overwrites
  • Control who can run what
  • Secure the system against privilege escalation

Every file and command has an owner, a group, and a set of permissions.

Understanding File Permissions (rwx)

Check file permissions:

ls -l

Example output:
-rwxr-xr-- 1 root admin 1032 Apr 9 script.sh

Breakdown:
rwx = user (owner) can read, write, execute

r-x = group can read and execute

r-- = others can only read

Symbol Value Meaning
r 4 Read
w 2 Write
x 1 Execute

Changing Permissions with chmod

Symbolic mode:
chmod u+x file.sh # Add execute for user
chmod go-w file.txt # Remove write for group and others

Numeric (octal) mode:
chmod 755 script.sh # rwx for user, rx for group & others
chmod 644 note.txt # rw for user, r for others

Octal Permission Meaning
7 rwx full access
6 rw- read/write
5 r-x read/execute
4 r-- read only

Changing Ownership with chown and chgrp

Change file owner:
sudo chown user file.txt

Change group:
sudo chgrp developers file.txt

Change both:
sudo chown user:group file.txt

Understanding Sudo and the Wheel Group

The sudo command allows users to perform tasks as root (admin) — but only if they’re authorized.

On Red Hat systems:
Sudoers are typically part of the wheel group.

Check:
getent group wheel

Add a user to the wheel group:
sudo usermod -aG wheel username

Edit sudo privileges (safely):
sudo visudo
This opens /etc/sudoers in a syntax-checked editor.

Example rule (no password required):
username ALL=(ALL) NOPASSWD: /bin/systemctl restart apache2
This allows username to restart Apache without typing a password.

Try It Yourself

Check file permission

ls -l example.txt

Change permissions

chmod 600 example.txt
chmod +x script.sh

Change ownership

sudo chown youruser:yourgroup example.txt

Add current user to sudoers (Red Hat = wheel group)

sudo usermod -aG wheel $(whoami)

Verify sudo access

groups
sudo whoami

Why This Matters

Permissions and sudo access impact:

  • System security and user isolation
  • Safe automation of scripts and services
  • Proper delegation in multi-admin environments
  • Regulatory compliance in enterprise IT

Misconfigured permissions can lead to:

  • Accidental data loss
  • Privilege escalation
  • Production outages

Top comments (0)