Access Control Lists Commands in Linux
Overview
In this tutorial, we will learn two Linux commands for setting and viewing ACLs (Access Control Lists Commands) in Linux. The commands are getfacl and setfacl commands. These commands are used to set file or directory permissions.
setfacl command
This command sets the Access Control Lists to files and directories on the Linux box. To know more about the command use the man command.
$ man setfacl
The useful option is -R flag. This option sets the ACL to all files and folders recursively.
Let’s create a user and add ACL permission read, write and execute permissions to the user on a sample directory.
$> useradd tDocsUser;
Absolute path to ‘useradd’ is ‘/usr/sbin/useradd’, so running it may require superuser privileges (eg. root).
$> sudo useradd tDocsUser;
[sudo] password for root:
$> mkdir sampleDirectory;
$> touch sampleFile.txt;
$> setfacl -R -m u:tDocsUser:rwx sampleDirectory/
$>
getfacl command
getfacl command reads and displays the current ACLs. For each file, the command displays the file name, owner, group, and ACLs. To know more about the command use the man getfacl command.
Sample usage of the command, to view the current ACL on the directory created: