Acl (Access Control List)
Files and directories have permission sets for the
owner of the file, the group associated with the file, and all other users for
the system. However, these permission sets have limitations. For example,
different permissions cannot be configured for different users. Thus, Access Control Lists (ACLs) were implemented.
The Red Hat Enterprise Linux kernel provides ACL
support for the ext3 file system and NFS-exported file systems. ACLs are also
recognized on ext3 file systems accessed via Samba.
Along with support in the kernel, the
acl package
is required to implement ACLs. It contains the utilities used to add, modify,
remove, and retrieve ACL information.
The
cp and mv commands copy or move any ACLs
associated with files and directories.
Mounting
File Systems
Before using ACLs for a file or directory, the
partition for the file or directory must be mounted with ACL support. If it is
a local ext3 file system, it can mounted with the following command:
mount -t ext3 -o acl device-name partition
For example:
mount -t ext3 -o acl /dev/VolGroup00/LogVol02
/work
Alternatively, if the partition is listed in the
/etc/fstab file, the entry for the partition can include the acl option:
#
vi /etc/fstab
LABEL=/ / ext3 defaults,acl 1 1
:wq
(save and exit)
#
mount -o remount,rw /
#
mkdir work
#
cd work
#
cat >aclwork.txt
Ctrl
+ D
Login
with other user and open the file.
#
getfacl /root/work/aclwork.txt (Command
will show the permission on the file.)
#
setfacl -m u:user1:r-x /root/work/aclwork.txt (Will set the permission on the
file.)
#
getfacl /root/work/aclwork.txt
Login
with user1 and try to open the file.
#
setfacl -x u:user1 /root/work/aclwork.txt
(command will remove the acl permission from the file).
No comments:
Post a Comment