Trace: setup_acl_for_folders
Table of Contents

Setup ACL for folders

Before setting up ACL (access control list) for folders, we must enable in mounting, so in /etc/fstab we have something like: 

/dev/VG01/LV01 /data ext3 defaults,acl 1 2

For new folders

We use the --set switch here. It overwrites existing ACL.

Allow the owner and members of somegroup to have read/write access to a folder: 

# set default ACL
setfacl -d --set u::rwx,g::---,g:somegroup:rwx,o::--- /u/samba/public

# set current ACL
setfacl --set u::rwx,g::---,g:somegroup:rwx,o::--- /u/samba/public


# Or, in one line:
setfacl --set d:u::rwx,g::---,d:g:somegroup:rwx,d:o::---,u::rwx,g::---,g:somegroup:rwx,o::--- /u/samba/public

Must specify rights for u::,g::,o:: rights when using –set option.

For existing folders with files

We use the -m switch here. It modifies existing ACL without overwriting.

Grant read write access to apache on folder /u/websites: 

# modify defaults
setfacl -R -d -m u:apache:rwx /u/websites

# modify current files
setfacl -R -m u:apache:rwx /u/websites

Revoke all access rights from apache on folder /u/websites: 

# revoke from defaults
setfacl -R -d -x u:apache /u/websites

# revoke from current files
setfacl -R -x u:apache /u/websites
tips/setup_acl_for_folders.txt · Last modified: 2012-05-23 09:24 by admin
Back to top
GNU Free Documentation License 1.3
chimeric.de = chi`s home Valid CSS Driven by DokuWiki do yourself a favour and use a real browser - get firefox!! Recent changes RSS feed Valid XHTML 1.0