Page History

...

In traditional POSIX, access permissions are granted to user/group/other in mode read/write/execute. The permissions can be checked with the -l  option of the command ls. For instance, if if user1 owns the folder test, the output would be the following: 

$ ls -lahd test/
drwxr-xr-x 2 <user1>user1 csstaff 4.0K Feb 23 13:46 test/ 

...

$ getfacl test
# file: test
# owner: <user1>user1
# group: csstaff
user::rwx
group::r-x
other::r-x  

...

$ setfacl -m user:<user2>user2:rw test/

$ getfacl test/
# file: test
# owner: <user1>user1
# group: csstaff
user::rwx
user:<user2>user2:rw
group::r-x
mask::rwx
other::r-x

...

$ setfacl -x user:<user2>user2 test/

$ getfacl test/
# file: test
# owner: <user1>user1
# group: csstaff
user::rwx
group::r-x
mask::rwx
other::r-x

Access rights can also be granted recursively to a folder and its children (if they exist) using the option -R, --recursive.  In the next example, all new files created inside the test folder of user1 will inherit the permissions, since default ACLs are set with the option Note this applies only to existing files. New files created in there won't inherhit the permissions.

$ setfacl -R -m user:user2 test

$ getfacl test/subdir
# file: test/subdir
# owner: user1
# group: csstaff
user::rwx
user:user2:rwx
group::---
group:csstaff:r-x
mask::rwx
other::---

If you wish to set up a default so all newly created folders and dirs inside or your desired path will inherit the permissions, you can use the -d, --default: option.

$ setfacl -dm user:<user2>user2:rw test/

$ getfacl test
# file: test
# owner: <user1>user1
# group: csstaff
user::rwx
group::r-x
mask::rwx
other::r-x
default:user::rwx
default:user:<user2>user2:rw
default:group::r-x
default:mask::rwx
default:other::r-x

...