DX
DEVOPS LABDevOpsLabX
← Back to trackModule: Linux Essentials (Week 1)

BEGINNER · Medium · 60m

Permissions and ownership without fear

Foundations Bootcamp

Lesson notes

Goal

Understand Linux permissions well enough to fix "permission denied" problems quickly and safely.

The Mental Model

Every file/folder has:

  • an owner (user)
  • a group
  • permissions for user/group/others
-rw-r--r--  1 ubuntu  ubuntu  1234 Feb 13  file.txt
drwxr-x---  2 root    devops  4096 Feb 13  app/

Read it as:

  • first char: file type (- file, d directory, l symlink)
  • next 9 chars: permissions in 3 groups: user / group / others

Core Commands

Inspect

ls -l
ls -ld /path/to/dir
id
groups
whoami

Change permissions (chmod)

chmod u+rwx file
chmod g+rw file
chmod o-r file
chmod 640 file
chmod 750 /opt/app

Common safe patterns:

  • 644 files: owner read/write, others read
  • 755 directories: owner full, others can read + enter

Change owner/group (chown)

chown user:filegroup file
chown -R devops:devops /opt/app

Why Directories Feel "Different"

Directory permissions:

  • r: list names (ls)
  • x: enter directory (cd) and access files inside
  • w: create/delete/rename inside (needs x to be useful)

Example: you can ls but cannot cd if x is missing.

Real DevOps Scenario: App cannot write logs

Symptoms:

  • app crashes
  • log shows Permission denied

Fix approach:

ls -ld /var/log/myapp
id
sudo chown -R myapp:myapp /var/log/myapp
sudo chmod 750 /var/log/myapp

Special Bits (know they exist)

You will see these in production:

  • setuid (u+s): run as file owner
  • setgid (g+s): new files inherit group
  • sticky bit (+t): only owner can delete (common in /tmp)
chmod g+s /shared/teamdir
chmod +t /tmp

Exercises

Exercise A: Fix "permission denied"

  1. Create a directory and remove execute permission:
mkdir -p lab/secure
chmod 600 lab/secure
cd lab/secure   # should fail
  1. Fix it using chmod so you can enter.

Exercise B: Group collaboration

  1. Create a shared folder and make group-inheritance work:
mkdir -p lab/shared
chmod 2770 lab/shared
  1. Verify new files inherit the group.

Troubleshooting Checklist

When something fails:

  • check permissions on the directory (not only the file)
  • check which user the process runs as
  • check group membership (log out/in sometimes required)
  • avoid chmod 777 as a "fix" (it is almost always a security problem)

Next Step

Combine this with systemd + logs: most production issues are "wrong user" + "wrong directory permissions".

← PreviousNext →
View full outline

Outline

Use the outline to jump to any topic.

Track tools

Search lessons, continue where you left off, and track completion.

Continue learning →Jump to outline

Modules

3

Lessons

9

Estimated Time

515m

Completion

0%

0/9 lessons

Your progress: 0%

Complete a lesson to increase progress

Outline

Open a lesson for full notes. Mark completed to update your progress.

Navigate the filesystem with confidence

45m · Open lesson →

EASY

Goal: By the end of this lesson you will be able to move around any Linux server quickly, understand where you are, and find what you need without guessing. This is not about memorizing commands. It is about building a m…

Permissions and ownership without fear

60m · Open lesson →

MEDIUM

Goal: Understand Linux permissions well enough to fix "permission denied" problems quickly and safely. The Mental Model Every file/folder has: an owner (user) a group permissions for user/group/others Read it as: first c…

Services and logs (systemd basics)

60m · Open lesson →

MEDIUM

Goal: Control services confidently and read logs like an operator. What systemd is (simple) systemd is the service manager on most modern Linux distros. It starts services, restarts them, manages dependencies, and record…

A practical Git workflow (branch → PR → merge)

45m · Open lesson →

EASY

Goal: Use Git the way teams actually work: small commits, feature branches, pull requests, reviews, and safe merges. The Workflow (end to end) Steps: 1. Sync with main 2. Create a branch 3. Commit small changes 4. Push b…

Fix mistakes safely (reset, revert, reflog)

60m · Open lesson →

MEDIUM

Goal: Recover from Git mistakes without losing work or breaking shared history. The Rule If the commit is already pushed and others might have it: prefer git revert (safe) If it is only local (not pushed): git reset is f…

Branching strategies you will see on the job

60m · Open lesson →

MEDIUM

Goal: Understand common branching strategies and when to use each. Strategy 1: Trunk based (recommended for fast teams) Idea: main stays deployable; branches are short lived. Pattern: small branches frequent merges featu…

Ports, DNS, and HTTP in simple words

45m · Open lesson →

EASY

Goal: Understand the minimum networking needed to debug real production issues: DNS, ports, HTTP, and TLS. The 4 step model When a request fails, check: 1. DNS: can we resolve the name? 2. Network: can we reach the IP/po…

Shell tools that make you fast (grep, awk, sed)

70m · Open lesson →

MEDIUM

Goal: Turn messy logs into clear answers using grep/awk/sed and a few patterns you will reuse forever. grep (search) Tips: n : show line number R : recursive E : regex i : case insensitive awk (extract columns) Common us…

Write your first automation script

70m · Open lesson →

MEDIUM

Goal: Write a safe, reusable script that checks a service, collects logs, and prints a clean summary. Script building blocks variables functions exit codes strict mode (optional) Example: service health script Make it ex…