What is ACL ?
Access control list (ACL) provides an additional, more flexible permission mechanism for file systems. It is designed to assist with UNIX file permissions. ACL allows you to give permissions for any user or group to any disc resource.
Use of ACL :
Think of a scenario in which a particular user is not a member of group created by you but still you want to give some read or write access, how can you do it without making user a member of group, here comes in picture Access Control Lists, ACL helps us to do this trick.
Basically, ACLs are used to make a flexible permission mechanism in Linux.
From Linux man pages, ACLs are used to define more fine-grained discretionary access rights for files and directories.
setfacl and getfacl are used for setting up ACL and showing ACL respectively.
Examples of using :
Granting an additional user read access
setfacl -m u:user:r file
Revoking write access from all groups and all named users (using the effective rights mask)
setfacl -m m::rx file
Removing a named user entry from a file’s ACL
setfacl -x u:group file
Removing a named group entry from a file’s ACL
setfacl -x g:group file
Copying the ACL of one file to another
getfacl file1 | setfacl --set-file=- file2
Copying the access ACL into the Default ACL
getfacl --access dir | setfacl -d -M- dir
Add default ACL permissions recursively
setfacl -Rm d:u:user:rwx,g:group:rwx directory
Remove defalt ACL
setfacl -k file
Remove all ACL from file
setfacl -b file
