Access Control Lists(ACL) in Linux

What is ACL ?
Access control list (ACL) provides an additional, more flexible permission mechanism for file systems. It is designed to assist with UNIX file permissions. ACL allows you to give permissions for any user or group to any disc resource.

Use of ACL :
Think of a scenario in which a particular user is not a member of group created by you but still you want to give some read or write access, how can you do it without making user a member of group, here comes in picture Access Control Lists, ACL helps us to do this trick.

Basically, ACLs are used to make a flexible permission mechanism in Linux.

From Linux man pages, ACLs are used to define more fine-grained discretionary access rights for files and directories.

setfacl and getfacl are used for setting up ACL and showing ACL respectively.

 

Examples of using :

Granting an additional user read access

setfacl -m u:user:r file


Revoking write access from all groups and all named users (using the effective rights mask)

setfacl -m m::rx file

 

Removing a named user entry from a file’s ACL

setfacl -x u:group file

 

Removing a named group entry from a file’s ACL

setfacl -x g:group file

 

Copying the ACL of one file to another

getfacl file1 | setfacl --set-file=- file2

 

Copying the access ACL into the Default ACL

getfacl --access dir | setfacl -d -M- dir

 

Add default ACL permissions recursively

setfacl -Rm d:u:user:rwx,g:group:rwx directory

 

Remove defalt ACL

setfacl -k file

 

Remove all ACL from file

setfacl -b file

 

 

Add ping

Trackback URL : https://www.jurisic.org/trackback/5

Page top