Page History

...

In traditional POSIX, access permissions are granted to user/group/other in mode read/write/execute. You can check these permissions of a folder test with The permissions can be checked with the -l  option of the command ls. For instance, if user1 owns the folder test, the output would be the following: 

$ ls -lahd test/
drwxr-xr-x 2 <user1> csstaff 4.0K Feb 23 13:46 test/ 

ACLs are an extension of these permissions to give one or more users or groups access to your data. You can list the current The ACLs on a folder the test folder of user1 can be shown with the command getfacl:

$ getfacl test
# file: test
# owner: <user1>
# group: csstaff
user::rwx
group::r-x
other::r-x  

The command setfacl can add users or groups to read/write/execute on a selected file or folder using the option -M (--modify-file)  or -m (--modify) to modify the ACL of a file or directory:     

$ setfacl -m user:<user2>:rw test/

$ getfacl test/
# file: test
# owner: <user1>
# group: csstaff
user::rwx
user:<user2>:rw
group::r-x
mask::rwx
other::r-x

The In the example above will give the selected <username> , user2 will be granted read and write access to the folder test. The the test folder owned by user1. The -X (--remove-file) and  -x (--remove) options will remove ACL entries instead:

$ setfacl -x user:<user2> test/

$ getfacl test/
# file: test
# owner: <user1>
# group: csstaff
user::rwx
group::r-x
mask::rwx
other::r-x

You Access rights can also grant permissions be granted recursively to a folder and its children (if they exist) using the option -R, --recursive. If you want that   In the next example, all new files created inside a specific folder the test folder of user1 will inherit the permissions, you need to configure the since default ACLs are set with the option -d, --default:

...