Access Control List: Difference between revisions
No edit summary |
|||
Line 8: | Line 8: | ||
= Examples = | = Examples = | ||
== Personal Storage == | == Personal Storage == | ||
See the [[Personal_storage]] page for more info. | |||
{{:ACL_personal_storage}} | {{:ACL_personal_storage}} | ||
== Working with others == | == Working with others == | ||
Suppose you (''solis101'') want to work together with users ''solis102'' and ''solis103'' | Suppose you (''solis101'') want to work together with users ''solis102'' and ''solis103'' |
Revision as of 10:50, 10 February 2017
An Access Control List (or ACL) is a list of permissions attached to a filesystem object (file, directory). ACLs are manipulated with the commands getfacl and setfacl. Using setfacl, you can set the access-rights for individual users and groups on files and directories. On a directory you can set a default ACL ; every object (file, directory) created in the directory inherrits the default ACL.
See the manual pages for more details.
Examples
Personal Storage
See the Personal_storage page for more info. ACL personal storage
Working with others
Suppose you (solis101) want to work together with users solis102 and solis103 on some project proj. You probably should use a tool like git or subversion, but if you must, you can create a directory :
% mkdir ~/proj
and make it (and everything below it) writable for you and your partners :
% setfacl -m user:solis102:rwx ~/proj/ % setfacl -m user:solis103:rwx ~/proj/ % setfacl -m default:user:solis101:rwx ~/proj/ % setfacl -m default:user:solis102:rwx ~/proj/ % setfacl -m default:user:solis103:rwx ~/proj/
Also, allow users solis102 and solis103 traverse rights on your $HOME :
% setfacl -m user:solis102:x ~ % setfacl -m user:solis103:x ~
Note that these settings imply that users solis102 and solis103 can now access data in your $HOME that is accessible for others, which is usually a lot.