Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
linux:access-control-lists [2017/10/27 18:08] – michael | linux:access-control-lists [2019/03/07 13:51] (current) – michael | ||
---|---|---|---|
Line 13: | Line 13: | ||
'' | '' | ||
- | ---- | ||
===== Viewing ACLs ===== | ===== Viewing ACLs ===== | ||
- | To display details ACL information of a file use the getfacl command. | ||
<WRAP center box 100%> | <WRAP center box 100%> | ||
+ | '' | ||
< | < | ||
# getfacl /tmp/test | # getfacl /tmp/test | ||
Line 38: | Line 37: | ||
</ | </ | ||
- | Notice the 3 different user: lines. The first line lists the standard file permissions of the owner of the file. The 2 other user permissions are the individual permission for the user john and sam. The mask field here only applies to the additional permissions we have given to the user and groups. If the mask is set to rwx the read, write and execute permissions will be granted to additional user/ | + | Notice the 3 different user: lines. The first line lists the standard file permissions of the owner of the file. The 2 other user permissions are the individual permission for the user john and sam. The mask field here only applies to the additional permissions we have given to the user and groups. If the mask is set to rwx the read, write and execute permissions will be granted to additional user/ |
+ | |||
+ | <WRAP center box 100%> | ||
**File with no ACLs** | **File with no ACLs** | ||
- | If you run the getfacl command on a file with no ACLs the additional “user:” lines and “mask” line will not be shown and standard file permissions will be shown. | ||
- | <WRAP center box 100%> | + | '' |
< | < | ||
# getfacl test | # getfacl test | ||
Line 57: | Line 57: | ||
</ | </ | ||
</ | </ | ||
- | |||
- | ---- | ||
Line 69: | Line 67: | ||
* FACLs for multiple user and groups can also be set with single command : < | * FACLs for multiple user and groups can also be set with single command : < | ||
- | |||
- | ---- | ||
===== Default FACLs on directories ===== | ===== Default FACLs on directories ===== | ||
Default ACLs are only created on directories. When you set default ACLs on directories, | Default ACLs are only created on directories. When you set default ACLs on directories, | ||
- | To create a default FACL on a directory : | + | **To create a default FACL on a directory:** |
< | < | ||
Line 99: | Line 95: | ||
</ | </ | ||
- | Now create a new file in the accounts directory and list the FACL on the file : | + | ''// |
<WRAP center box 100%> | <WRAP center box 100%> | ||
Line 119: | Line 115: | ||
</ | </ | ||
- | ---- | ||
===== Removing FACLs ===== | ===== Removing FACLs ===== | ||
- | To remove FACL, use the setfacl command with -x option : | + | '' |
< | < | ||
- | The above command removes the ACL for the user john on the file /tmp/test. The ACLs for other user/groups if any remains unaffected. | + | '' |
- | To remove all ACLs associated to a file use the -b option with setfacl : | + | ''< |
< | < | ||
- | ---- | ||
===== Backing up the FACLs ===== | ===== Backing up the FACLs ===== | ||
Line 142: | Line 136: | ||
# getfacl -R * > accounts_facl | # getfacl -R * > accounts_facl | ||
- | ---- | ||
===== Restoring the FACLs ===== | ===== Restoring the FACLs ===== |