WORKING WITH ”ACL” (setfacl & getfacl)..

Working with ACL (setfacl & getfacl)
ACL is for enhancing permission level on few directories/files. Sometimes your filesystem are not ACL enabled so you need to mount that partition with acl.
Here is the procedure:
# vi /etc/fstab
/dev/sda3 /var/www ext3 defaults,acl 0 0

# mount -o remount /var/www

A) Check the ACL being already applied:
# getfacl /tmp/direcotry

B) Set some user rw permission on some directory:
# setfacl -m u:axel:rw- directory
and moreover (for group):
# setfacl -m u:tippy:r–,g:lensmen:rwx directory
C) Delete all extended applied ACLs:
# setfacl -b directory
D) Change default permission level for newly created directories and files:
setfacl -d -m mask:007 /home/vicky/directory
setfacl -m default:g::rwx -R /home/vicky/directory #you can add u and o too

(you can add -R for recursive; -d = All operations apply to the Default ACL.)
Note: this is just a replica of umask but umask applies to complete user profile and through setfacl you can change the default behaviour on certain folders).

Identification: You can see + sign on ls -al.
Note: you can add here (-R) for recursive


Leave a Reply

Your email address will not be published. Required fields are marked *

fourteen − 9 =

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>