Access Control List
An Access Control List (or ACL) is a list of permissions attached to a filesystem object (file, directory). ACLs are manipulated with the commands getfacl and setfacl. Using setfacl, you can set the access-rights for individual users and groups on files and directories. On a directory you can set a default ACL ; every object (file, directory) created in the directory inherrits the default ACL.
See the manual pages for more details.
ACL Examples
Personal Storage
See the Personal_storage page for more info. ACL personal storage
Working with others
Suppose you (solis101) want to work together with users solis102 and solis103 on some project proj. You probably should use a tool like git or subversion, but if you must, you can create a directory :
% mkdir ~/proj
and make it (and everything below it) writable for you and your partners :
% setfacl -m user:solis102:rwx ~/proj/ % setfacl -m user:solis103:rwx ~/proj/ % setfacl -m default:user:solis101:rwx ~/proj/ % setfacl -m default:user:solis102:rwx ~/proj/ % setfacl -m default:user:solis103:rwx ~/proj/
Also, allow users solis102 and solis103 traverse rights on your $HOME :
% setfacl -m user:solis102:x ~ % setfacl -m user:solis103:x ~
Note that these settings imply that users solis102 and solis103 can now access data in your $HOME that is accessible for others, which is usually a lot.