Quick Guide for Linux user access control list (ACL)

On a UNIX system you always need to deal with the security of the system, and user access control at the file or directory level is part of that.
The main purpose of the user access control list is to provide secure access to the files and directories within the system. There are only two commands to configure the user access control list on a Linux system.

1. getfacl, which displays the access currently configured for a directory or file.
2. setfacl, which sets the user access control for a directory or file.

So let’s jump directly into the demo of the “user access control list”.
Here we are configuring user access control for the user manmohan in the directory /etc.
1. Let’s first check whether the user manmohan has write access to the “/etc” directory.
2. Log in as manmohan and cd to /etc.
3. Now try to create a directory inside /etc; the system responds with:

[manmohan@kalwa2 etc]$ mkdir test2
mkdir: cannot create directory `test2': Permission denied

4. Now let’s configure access for the user manmohan.

5. Run the setfacl command as below:

[root@kalwa2 etc]# setfacl -R -m u:manmohan:wrx /etc/test/

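-R applies the permission recursively under the directory given in the command (here /etc/test/). If you don’t want that, you can leave this option out of the command.

-m stands for modify.

u stands for user, here the user manmohan with the permissions wrx (the order of the letters does not matter; getfacl displays them as rwx).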

6. Now verify the user access control list for the test directory under /etc.

[root@kalwa2 etc]# getfacl test
# file: test
# owner: root
# group: root
user::rwx
user:manmohan:rwx
group::r-x
mask::rwx
other::r-x
[root@kalwa2 etc]#

Yes, everything is set properly.

7. Now let’s create files under /etc to test the configuration.

[manmohan@kalwa2 test]$ pwd
/etc/test
[manmohan@kalwa2 test]$ touch 1
[manmohan@kalwa2 test]$ ls -ltr
total 0
-rw-rw-r--. 1 manmohan manmohan 0 Jul 21 20:55 1
[manmohan@kalwa2 test]$ mkdir test2
[manmohan@kalwa2 test]$ cd test2
[manmohan@kalwa2 test2]$ touch test2
[manmohan@kalwa2 test2]$ pwd
/etc/test/test2
[manmohan@kalwa2 test2]$

8. For multiple users, run the command below.

setfacl -m user:manmohan:wrx,u:rahul:rw /etc/test/

9. To remove all permissions for the user rahul:

setfacl -x user:rahul /etc/test/
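
The getfacl check from step 6 can be scripted when many directories need review. The Python below is an added example, not part of the original post: it parses getfacl output and lists the named users and groups whose write permission is also allowed by the mask entry. The function names and the second sample file are assumptions made for illustration.

```python
# Added example: report named users/groups with effective write access
# from getfacl output. SAMPLE is constructed: the first entry mirrors the
# output in step 6; the second file and its mask value are made up.
SAMPLE = """\
# file: test
# owner: root
# group: root
user::rwx
user:manmohan:rwx
group::r-x
mask::rwx
other::r-x

# file: test/report.txt
# owner: root
# group: root
user::rw-
user:rahul:rw-\t#effective:r--
group::r--
mask::r--
other::r--
"""

def parse_getfacl(text):
    """Return {path: [(tag, qualifier, perms), ...]} for access ACL entries."""
    acls, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("# file: "):
            current = acls.setdefault(line[len("# file: "):], [])
        elif line and not line.startswith(("#", "default:")) and current is not None:
            entry = line.split("#", 1)[0].strip()  # drop "#effective:" notes
            tag, qualifier, perms = entry.split(":")
            current.append((tag, qualifier, perms))
    return acls

def effective_writers(entries):
    """Named entries whose write bit is also allowed by the mask."""
    mask = next((p for t, _, p in entries if t == "mask"), "rwx")
    return [f"{t}:{q}" for t, q, p in entries
            if t in ("user", "group") and q and "w" in p and "w" in mask]

def audit(text):
    """Map each path in getfacl output to its named effective writers."""
    return {path: effective_writers(e) for path, e in parse_getfacl(text).items()}

if __name__ == "__main__":
    for path, writers in audit(SAMPLE).items():
        print(path, "->", ", ".join(writers) or "no named writers")
```

To run it against a real tree, pass the output of getfacl -R for the directory to audit() in place of SAMPLE.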
