Access Control Lists

ACLs is a Access Control Lists used to permissions restricting access to file owner, membership of a single group, or everyone else.
Following flags are used for permission:
r – read, w – write, and x – execute

Viewing ACL permissions:

Use ls –l command to see ACL permission of particular file.
            # ls –l raster.txt (raster.txt is the file name)
rwx means read, write and execute permissions for user.
rw- means read, write and means no permission for group.
--- means other have no permission.
The “+ the end of 10-character permission string indicates that there are ACL settings of file.

View ACL settings on a file

   getfacl command is used to display ACL settings.
            # getfacl raster.txt

Changing ACL file permissions:

Use setfacl command is used to add, modify or remove standard ACLs on files and directories.

Adding or modifying an ACL:
ACLs can be set via the command line using –m.

Changes file permission:

          1. # setfacl –m u:sachin:rw raster.txt
            Here u is indicating user, sachin is name of user, rw is read-write permission, and raster.txt is name of file on which permission is given.
          2. # setfacl –m g:marketing:r raster.txt
            Here g indicate group owner, marketing is name of group, and r means read permission given to all users of group on raster.txt file.
          3. # setfacl –m o::- raster.txt
            Here o means other, - means other user have NO permissions to read, write and execute on raster.txt file.

Most Reading