Access Control Lists

Most everything here comes directly from the RHEL 5 Deployment Guide. The value of this reference when preparing for the RHCE exam can't be stressed enough.

There are two types of ACLs: access and default.

  • Access ACLs are associated with a file or directory
  • Default ACLs are associated with a directory and are optional. They take precedence when a file in the directory does not have an access ACL. Default ACLs cannot be associated with a file.

Access ACLs

They can be configured:

  • Per User
  • Per Group
  • Via an effective rights mask
  • For users not in the user group for the file

To set ACLs, use the setfacl command:

setfacl -m <rules> <files>

<rules> can be:

  • u:<uid>:<perms> - UID can be user name or user id
  • g:<gid>:<perms> - GID can be group name or group id
  • m:<perms> - Effective Rights Mask
  • o:<perms> - ACLs for users other than those in the group for the file

To Remove an ACL

setfacl -x <rules> <files>

Default ACLs

To Set

setfacl -m d:<rules> <directory>

Viewing ACLs

To View ACLs

getfacl <file>
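
The effective rights mask (m:<perms>) caps what named users, the owning group and named groups actually get, so an entry such as u:bob:rwx can grant less than it appears to. The following is an added example, not part of the original notes or the Deployment Guide: it reads getfacl output and prints the effective permissions of each access entry. The user names, group names and sample ACL are constructed.

```shell
# Added example: what each access ACL entry really grants once the
# effective rights mask is applied. Real use: getfacl <file> | acl_effective
acl_effective() {
    awk -F: '
    /^#/ || NF < 3    { next }   # header comments and blank lines
    $1 == "default"   { next }   # default ACLs are templates, not access rights
    {
        sub(/[ \t]*#.*/, "", $3) # drop a trailing "#effective:" annotation
        n++; tag[n] = $1; who[n] = $2; perm[n] = $3
        if ($1 == "mask") mask = $3
    }
    END {
        for (i = 1; i <= n; i++) {
            if (tag[i] == "mask") continue
            eff = perm[i]
            # The mask limits named users, the owning group and named groups.
            # The file owner (user::) and other:: are never masked.
            masked = (tag[i] == "group" || (tag[i] == "user" && who[i] != ""))
            if (masked && mask != "") {
                eff = ""
                for (k = 1; k <= 3; k++) {
                    c = substr(perm[i], k, 1)
                    if (c != substr(mask, k, 1)) c = "-"
                    eff = eff c
                }
            }
            printf "%s:%s:%s\n", tag[i], who[i], eff
        }
    }'
}

# Entries that still have write access after masking.
acl_writers() { acl_effective | awk -F: '$3 ~ /w/'; }

# Constructed sample in getfacl output format (names are made up).
sample_acl() {
    cat <<'EOF'
# file: report.txt
# owner: alice
# group: staff
user::rw-
user:bob:rwx
group::r-x
group:audit:rw-
mask::r-x
other::---
EOF
}

sample_acl | acl_effective
```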

Note: tar and dump do not back up ACLs. Use star to achieve this.

Also: If the filesystem is not mounted with the -o acl option, ACLs will be unavailable.
