Configure ACL in Linux FileSystem
Ext3 and Ext4 filesystem includes support of ACLs on files and directories. ACL provides more control permissions on file than standard three access categories (owner, group and other ). Using ACL you can provide permission to specific user or group to file.
Before working on ACL make sure that ACL is enabled on mounted file system. You can enable it during mounting filesystem with ACL option.
Use following command Check if ACL is enabled on filesystem or not.
# mount /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw,noatime,acl)
Enable ACL by remounting file system using following command.
# mount -o remount,acl /
To enable ACL default on system bootup update following entry in /etc/fstab file.
/dev/VolGroup00/LogVol00 / ext3 defaults,
Configure ACL on File
If we want that user Bob to have all permissions on a file. Use following command.
# setfacl -m u:Bob:rwx hackthesec.txt
Details of parameters:
setfacel: is a command itself -m : is used to modify ACL. u : it denotes to assign permission to a user bob : a system user rwx : file permissions. hackthesec.txt: file on which bob will get access.
Check ACL on File
Use following command to check ACL configured on a file.
# getfacl hackthesec.txt
# file: hackthesec.txt # owner: root # group: root user::rw- user:Bob:rwx group::r-- mask::rwx other::r--
Remove ACL from File
If we don’t need the ACL in file, we can simply remove using following command.
# setfacl -x u:Bob hackthesec.txt HackTheSec HackTheSec-Twitter www.hackthesec.co.in
Post a Comment