What is ACL and how to use getfacl and setfacl commands ?

What is ACL?

Access control list (ACL), It is a more flexible permission mechanism for file systems. It allows you to give permissions for any users and groups.

It is used to defined permission on a particular file or folder for an individual user or group other than the user owner or the group owner.

SETFACL – Set File Access Control Lists

GETFACL – Get File Access Control List

The getfacl command displays the access permissions of files and directories with file name, owner, group and the ACL’s(Access Control List).



How to use setfacl command to set users and group permissions on file or directory ?

It is used to defined permission on a particular file or folder for an individual user or group other than the user owner or the group owner.

~setfacl -R -m u:username:permission file or directory name
~setfacl -dR -m g:username:permission file or directory name

(d – default – it will set the permission for future)

Example –

setfacl -R m u:apache:rwx cache/

setfacl -R m u:techouse:rwx cache/

For Files –

setfacl -m u:uername:permission filename

IMPORTANT –

In acls mask is the maximum permission which we can give to any user of group.

After acl permission are applied it will look like – drwxrwxrwx+



How to remove the ACL permissions

~setfacl -x u:username file or directory name
~setfacl -R -x u:username file or directory name

How to clear the whole ACL permissions

setfacl -R -b file or directory name

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.