ACL command in linux with examples in details PART-1

Posted: 4 Jan 2017 in LINUX
Tags: , , ,

In this tutorial we will learn how to configure advance permissions using ACL(Access Control List).

In this article we will learn following:

1.How to check the ACL on files or folders using getfacl command.
2.How to identify files/directories that have ACL.
3.How to set ACL on specif files or Folders.
4.How to create the same ACL on all newly created files automatically.
5.How to remove particular ACL entry.
6.How to remove all ACL entries from a file or folder.

Before starting this lab  we will create some users some groups and some files and folders in linux to test acl command and show it with examples.

First of all i am going to create a folder /data

[root@localhost ~]# mkdir /data


Now i am gong to create user tiwary and assigned it password.

[root@localhost ~]# useradd tiwary

[root@localhost ~]# passwd tiwary


Then create a group named linux.

[root@localhost ~]# groupadd linux


Then we will check whether acl package is installed in our linux machine or not using below command.
[root@localhost ~]# rpm -q acl


Hence you can see acl package is already installed.
If in your linux machine acl package is not available you can install it using yum.

[root@localhost ~]# yum install acl


How to set ACL for user tiwary on /data directory.

[root@localhost ~]# setfacl -m u:tiwary:rw /data


How to set ACL for group linux on /data folder.


[root@localhost ~]# setfacl -m g:linux:rwx /data


How to Check the ACL entries on /data Folder now?

[root@localhost ~]# getfacl /data


How to create the same ACL on all newly created files automatically.

[root@localhost ~]# setfacl -Rm g:linux:rwx /data

recursive acl
How to Set the same acl’s on all newly created files automatically.

[root@localhost ~]# setfacl -dm g:linux:r /tmp

acl linux
How to Set all users to have read, write and execute to /data directory.

[root@localhost ~]# setfacl -m o::rwx /data

acl in rhel5

How to remove ACL entry for user tiwary on /data directory.

below command will remove only specified ACL from file/directory.
[root@localhost ~]# setfacl -x u:tiwary /data

How to remove all the acl’s on /data Directory

below command will remove all ACL from file/direcoty.

[root@localhost ~]# setfacl -b /data


ACL advance tutorial with some more example labs will come soon in my next article in ACL part-2.

If you have any doubt or suggestions you can suggest here through comments.


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.