Annotated edit history of
ACL version 5, including all changes.
View license author blame.
| Rev |
Author |
# |
Line |
| 1 |
PerryLorier |
1 |
[Acronym] for __A__ccess __C__ontrol __L__ist. |
| |
|
2 |
|
| |
|
3 |
Instead of having simple "User/Group/Other" permissions, the idea with ACL's is you have lists of users and groups that have permissions to some resource. For instance: |
| |
|
4 |
user=PerryLorier,rwx |
| |
|
5 |
user=MattBrown,rwx |
| |
|
6 |
user=JohnMcPherson,rx |
| |
|
7 |
group=WLUG,x |
| |
|
8 |
other=none |
| |
|
9 |
|
| 5 |
JohnMcPherson |
10 |
would give PerryLorier,MattBrown read/write access to some executable, JohnMcPherson gets to read the executable, and everyone in the group WLUG would be able to execute it. Linux 2.6 supports ACLs on some filesystems (such as [Ext2]). |
| 2 |
JohnMcPherson |
11 |
|
| |
|
12 |
For example, [Solaris] allows you to do this. You can use the commands |
| |
|
13 |
''setfacl'' and ''getfacl'' to see file ACLs. |
| |
|
14 |
The way this is implemented in Solaris, the presence of file ACLs is |
| |
|
15 |
specified by a __+__ character next to the "normal" access indicators: |
| |
|
16 |
|
| |
|
17 |
$ ls -ld Projects |
| |
|
18 |
drwxr-xr-x__+__ 3 user group 4096 2004-01-07 22:29 Projects |
| 3 |
PhilMurray |
19 |
|
| |
|
20 |
[FreeBSD]s ACLs work much in the same way as [Solaris]. FreeBSD 5 with UFS2 supports ACLs by default (they can be enabled by recompilation for UFS1 and FreeBSD 4), but you have to mount your filesystem with |
| |
|
21 |
mount -o acl |
| |
|
22 |
|
| |
|
23 |
for the ''setfacl'' tool to work. |
| 2 |
JohnMcPherson |
24 |
|
| |
|
25 |
You can then use setfacl to give write access to multiple users and groups (for example), rather than having to create a new group and |
| |
|
26 |
adding all the requisite users to that group. |
