How to use getfacl and setfacl to get and set access control lists (ACLs) on directories in Linux
What is ACL?
Access control list (ACL), It is a more flexible permission mechanism for file systems. It allows you to give permissions for any users and groups.
It is used to defined permission on a particular file or folder for an individual user or group other than the user owner or the group owner.
SETFACL – Set File Access Control Lists
GETFACL – Get File Access Control List
The getfacl command displays the access permissions of files and directories with file name, owner, group and the ACL’s(Access Control List).
How to Manage Linux ACL using Setfacl and Getfacl?
It is used to defined permission on a particular file or folder for an individual user or group other than the user owner or the group owner.
~setfacl -R -m u:username:permission file or directory name
~setfacl -dR -m g:username:permission file or directory name
(d – default – it will set the permission for future)
Example –
setfacl -R m u:apache:rwx cache/
setfacl -R m u:techouse:rwx cache/
For Files –
setfacl -m u:uername:permission filename
IMPORTANT –
In acls mask is the maximum permission which we can give to any user of group.
After acl permission are applied it will look like – drwxrwxrwx+
How to remove the ACL permissions
~setfacl -x u:username file or directory name
~setfacl -R -x u:username file or directory name
How to clear the whole ACL permissions
setfacl -R -b file or directory name
