Welcome to Day 13 of the 30 Days of Linux Challenge!

Today we’re tackling a core security topic in Linux: understanding how to control access to files, processes, and administrative privileges.

Red Hat-based systems like RHEL, CentOS, and Rocky Linux use a powerful and flexible permissions system to govern everything — from who can execute a script to who can restart the firewall.

Why Permissions Matter

Linux is designed for multi-user environments — whether you're running a server with hundreds of users or managing your own cloud-hosted VM.

Proper permission management helps you:

  • Prevent unauthorized access
  • Avoid accidental deletions or overwrites
  • Control who can run what
  • Secure the system against privilege escalation

Every file and command has an owner, a group, and a set of permissions.

Understanding File Permissions (rwx)

Check file permissions:

ls -l

Example output:
-rwxr-xr-- 1 root admin 1032 Apr 9 script.sh

Breakdown:

  • - (first character) = file type; - is a regular file, d is a directory
  • rwx = user (owner) can read, write, execute
  • r-x = group can read and execute
  • r-- = others can only read

Symbol  Value  Meaning
r       4      Read
w       2      Write
x       1      Execute

Changing Permissions with chmod

Symbolic mode:
chmod u+x file.sh # Add execute for user
chmod go-w file.txt # Remove write for group and others

Numeric (octal) mode:
chmod 755 script.sh # rwx for user, rx for group & others
chmod 644 note.txt # rw for user, r for group & others

Octal  Permission  Meaning
7      rwx         full access
6      rw-         read/write
5      r-x         read/execute
4      r--         read only
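
The r=4, w=2, x=1 arithmetic and the go-w fix above can be combined into a small audit helper. This is an added example, not code from the original post: the function names are hypothetical, the scratch files are constructed, and GNU find and stat (as shipped on Red Hat systems) are assumed.

```bash
#!/bin/sh
# Added example, not from the original post; function names are hypothetical.

# Convert a symbolic mode ("rwxr-xr--", or the 10-character "-rwxr-xr--"
# printed by ls -l) to octal using r=4, w=2, x=1.
# Special bits (s, t) are out of scope and rejected as invalid.
mode_to_octal() {
    local sym="$1" out="" rest triad digit
    [ "${#sym}" -eq 10 ] && sym=${sym#?}      # drop the file-type character
    case $sym in
        [r-][w-][x-][r-][w-][x-][r-][w-][x-]) ;;
        *) echo "invalid mode: $1" >&2; return 1 ;;
    esac
    while [ -n "$sym" ]; do                   # user, then group, then others
        rest=${sym#???}
        triad=${sym%"$rest"}
        digit=0
        case $triad in r??) digit=$((digit + 4)) ;; esac
        case $triad in ?w?) digit=$((digit + 2)) ;; esac
        case $triad in ??x) digit=$((digit + 1)) ;; esac
        out=$out$digit
        sym=$rest
    done
    echo "$out"
}

# Print "<octal mode> <path>" for regular files under $1 that group or
# others can write to. Uses GNU find/stat, as shipped on Red Hat systems.
find_loose_files() {
    find "$1" -type f -perm /022 -exec stat -c '%a %n' {} +
}

# Apply the go-w fix from the chmod section to every file reported above.
tighten_loose_files() {
    find "$1" -type f -perm /022 -exec chmod go-w {} +
}

# Demo on a constructed scratch directory.
demo=$(mktemp -d)
touch "$demo/ok.txt" "$demo/shared.txt" "$demo/open.txt"
chmod 644 "$demo/ok.txt"; chmod 664 "$demo/shared.txt"; chmod 666 "$demo/open.txt"
mode_to_octal "-rwxr-xr--"        # the ls -l example from this page
find_loose_files "$demo"          # reports shared.txt and open.txt
tighten_loose_files "$demo"
find_loose_files "$demo"          # reports nothing after the fix
rm -rf "$demo"
```

Run find_loose_files on its own first to review what would change before calling tighten_loose_files on a real directory.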

Changing Ownership with chown and chgrp

Change file owner:
sudo chown user file.txt

Change group:
sudo chgrp developers file.txt

Change both:
sudo chown user:group file.txt

Understanding Sudo and the Wheel Group

The sudo command allows users to perform tasks as root (admin) — but only if they’re authorized.

On Red Hat systems:
Sudoers are typically part of the wheel group.

Check:
getent group wheel

Add a user to the wheel group:
sudo usermod -aG wheel username

Edit sudo privileges (safely):
sudo visudo
This opens /etc/sudoers in a syntax-checked editor.

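Example rule (no password required):
username ALL=(ALL) NOPASSWD: /bin/systemctl restart httpd
This allows username to restart Apache (the httpd service on Red Hat-based systems) without typing a password. Because the rule names one exact command with its arguments, it grants nothing beyond that restart.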

Try It Yourself

Check file permissions

ls -l example.txt

Change permissions

chmod 600 example.txt
chmod +x script.sh

Change ownership

sudo chown youruser:yourgroup example.txt

Add current user to sudoers (Red Hat = wheel group)

sudo usermod -aG wheel $(whoami)

Verify sudo access (log out and back in first; new group membership applies only to new login sessions)

groups
sudo whoami

Why This Matters

Permissions and sudo access impact:

  • System security and user isolation
  • Safe automation of scripts and services
  • Proper delegation in multi-admin environments
  • Regulatory compliance in enterprise IT

Misconfigured permissions can lead to:

  • Accidental data loss
  • Privilege escalation
  • Production outages