View Source: ACL - Waikato Linux Users Group

Edit PageHistory Diff Info LikePages

[Acronym] for __A__ccess __C__ontrol __L__ist.

Instead of having simple "User/Group/Other" permissions, the idea with ACL's is you have lists of users and groups that have permissions to some resource.  For instance:
 user=PerryLorier,rwx
 user=MattBrown,rwx
 user=JohnMcPherson,rx
 group=WLUG,x
 other=none

would give PerryLorier,MattBrown read/write access to some executable, JohnMcPherson gets to read the executable, and everyone in the group WLUG would be able to execute it.  Linux 2.6 supports ACLs on some filesystems (such as [Ext2]).

For example, [Solaris] allows you to do this. You can use the commands
''setfacl'' and ''getfacl'' to see file ACLs.
The way this is implemented in Solaris, the presence of file ACLs is
specified by a __+__ character next to the "normal" access indicators:

 $ ls -ld Projects
 drwxr-xr-x__+__    3 user   group      4096 2004-01-07 22:29 Projects

[FreeBSD]s ACLs work much in the same way as [Solaris]. FreeBSD 5 with UFS2 supports ACLs by default (they can be enabled by recompilation for UFS1 and FreeBSD 4), but you have to mount your filesystem with
 mount -o acl

for the ''setfacl'' tool to work.

You can then use setfacl to give write access to multiple users and groups (for example), rather than having to create a new group and
adding all the requisite users to that group.

7 pages link to ACL:

Last edited on Wednesday, June 2, 2004 12:59:32 pm by JohnMcPherson

Edit PageHistory Diff Info LikePages