Search

link to homepage

Institute for Advanced Simulation (IAS)

Navigation and service


How to share files by using ACLs?

Linux file permission define the access rights to read, write or execute (rwx) files and directory but is limited to one user, one group and all others. ACLs (Access Control Lists) allows a more fine-grained assignment of access rights. The owner of a file/directory can define specific rights for other users and groups.

Linux commands to manage ACLs

- command to list ACLs of a file/directory:

getfacl <file/directory>

- Give user john1 read and write control to file example.txt. Also give user lucy1 the right to read this file:

setfacl -m u:john1:rw example.txt
setfacl -m u:jim1:r example.txt

# file: example.txt
# owner: smith1
# group: cjsc
user::rw-
user:john1:rw-
user:lucy1:r--
group::---
mask::rw-
other::---

- remove user john1 ACLs on example.txt:

setfacl -x u:john1 example.txt

# file: example.txt
# owner: smith1
# group: cjsc
user::rw-
user:lucy1:r--
group::---
mask::rw-
other::---

- Allow users from group zam change to directory share:

setfacl -m g:zam:x share/

# file: share
# owner: smith1
# group: cjsc
user::rwx
group::---
group:zam:--x
mask::rw-
other::---

- remove all ACLs from directory share::

setfacl -b share

# file: share
# owner: smith1
# group: cjsc
user::rwx
group::---
other::---

Further information (e.g. set ACLs recursively, setting default ACLs, inherit ACLs, ...) can be found in the manual pages.

Which files have an access control list?

The command

ls -l

will show a "+" for every file that has ACL set, eg.

drwx------+ 2 john1 cjsc 32768 Feb 21 09:25 share


Servicemeu

Homepage