Sunday 26 January 2014

Access Control List in Linux

Files and directories have permissions by default, with separate permissions for the owner, the group and others. These default permissions are set by the umask value.
To grant different permissions to different users, an access control list (ACL) is used. ACLs are supported by the Red Hat Linux kernel on ext3, ext4 and NFS-mounted file systems. ACLs are also recognized by Samba file system shares configured on ext3 or ext4 file systems.

The copy and move commands also carry the ACL permissions along with the directory or file.

To use ACLs, the partition must be mounted with ACL support. Let's see how to mount an ext4 partition with ACL support:

# mount  -t  ext4  -o  acl  device-name  mount-point

To mount the partition permanently with ACL support, make changes in the /etc/fstab file.


# vim /etc/fstab

/dev/vol01/lv01   /work    ext4    acl    0    0

By default, NFS supports ACLs if the exported file system is ACL-enabled. The NFS client can recognize the ACL-enabled share.

To disable ACLs on the NFS server, include the no_acl option in the /etc/exports file.

To disable ACLs on the NFS client side while mounting the NFS partition, specify the no_acl option on the command line or include the no_acl option in the /etc/fstab file.

To set acl in a file or directory for a user


# setfacl -m u:sam:rw /data

The setfacl utility is used to add or modify the ACL of a file or directory.

-m    denotes modification
u     user name (we can also give the UID of the user)
rw    permission granted to the user

In this example, user sam is granted read and write access to the /data directory.

To view the acl for a file or a directory


# getfacl /data

A + symbol at the end of the permission field indicates that the file or directory has an ACL set on it.

To set different permissions for different users for a directory


# setfacl  -m  u:sam:rw,u:don:rwx  /data1

To set acl for group in directory or a file


# setfacl  -m  g:hr:rw  /data2

To set acl for others in directory or a file


# setfacl  -m  o:r  /data2

To set acl recursively for all the files included in a directory


# setfacl  -R  -m  u:sam:rw  /data

To apply a default acl to a directory (the acl will be applied to all the files and directories added in the future)


# setfacl  -d  -m  u:susan:rx  /data

To remove all acl for a directory


# setfacl  -b  /data
# setfacl  -R  -b  /data    # remove acl recursively
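
To review what the setfacl commands above have granted, the getfacl output can be filtered for named users and groups that effectively hold write access. This is an added example, not part of the original post: the function names and the sample data are constructed, and it relies on the ACL mask entry that getfacl prints, which caps the rights of named entries.

```shell
# Added example (reads getfacl output on stdin): getfacl -R /data | acl_write_grants
acl_write_grants() {
    awk '
    function flush(   i, k, c, eff) {
        for (i = 1; i <= n; i++) {
            eff = ""
            for (k = 1; k <= 3; k++) {      # effective bit = entry bit AND mask bit
                c = substr(perm[i], k, 1)
                eff = eff ((mask == "" || substr(mask, k, 1) == c) ? c : "-")
            }
            if (eff ~ /w/) printf "%s\t%s\t%s\n", file, who[i], eff
        }
        n = 0; mask = ""
    }
    /^# file: /                 { flush(); file = substr($0, 9); next }
    /^#/ || /^default:/ || /^$/ { next }    # headers, default ACL, blank lines
    {
        sub(/[ \t]*#.*/, "")                # drop the "#effective:" annotation
        split($0, f, ":")
        if (f[1] == "mask") mask = f[3]
        else if ((f[1] == "user" || f[1] == "group") && f[2] != "") {
            n++; who[n] = f[1] ":" f[2]; perm[n] = f[3]
        }
    }
    END { flush() }'
}
# Constructed sample in getfacl output format (not captured from a real system).
sample_getfacl() {
    cat <<'EOF'
# file: data
# owner: root
# group: root
user::rwx
user:sam:rw-
group::r-x
mask::rwx
other::r-x

# file: data2
# owner: root
# group: root
user::rw-
group::r--
group:hr:rw-    #effective:r--
mask::r--
other::r--
EOF
}
sample_getfacl | acl_write_grants
```

Each output line is the path, the ACL entry and its effective permissions, separated by tabs; group hr on data2 is not listed because the mask removes its write bit.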