What Happens When You Enable ACLs on Linux Partitions?

Access Control List (ACL):
How to assign read and execute permission to a particular user
How to assign read write and execute permission to a particular group
Assigning read and execute permission for a user and a group at same time.
Removing acl for a particular user
Removing acl for a particular group
Removing all ACL permissions from a file or directory

Access Control List (ACL):
1. Define more fine-grained discretionary access rights for files and directories.
2. Often, you want to share files among certain groups and specific users. It is a good practice
to designate a directory for that purpose. You want to allow those groups and users to read,
and write files in that directory, as well as create new files into the directory. Such special
permissions can be given using ACL.

3. ACL can be applied on ACL enabled partition that means you need to enable ACL while
mounting the partition.

Steps to implement ACL:
1. Create a partition and format it with ext4 file system
2. Mount a file system with ACL
3. Apply ACL on it.
Let’s implement it practically.

#parted -l /dev/sda
#mkfs.ext4 /dev/sda7

1. Mount it with ACL option
2. #mount -o acl /dev/sda5 /ktdir
3. If the partition is already mounted and you want add acl on it use following command

#mount -o acl /dev/sda5 /ktdir
#mount

To make it permanent make following entry in /etc/fstab

/dev/sda5 /ktdir ext4 defaults,acl 0 0

If your partition already exists, then just add an acl after defaults as shown above and use
the following command.

#mount –o remount /dev/sda5

• Now check the default permission and acl permission on /ktdir
#ls –ld /ktdir

• To check the acl permission syntax is
#getfacl option dir/file name

Options:
• -d Displays the default ACL
• -R Recurses into subdirectories

#getfacl /ktdir
#ls -ld /ktdir
#getfacl /ktdir

Now let’s assign full permission to the directory and then apply acl on it, so that we can
analyze how acl will work.

#chmod 777 /ktdir
#ls -ld /ktdir

Okay, now we are ready to apply acl, but first lets understand the command and option in
details.

The syntax to apply acl is:
#setfacl option argument file or directory name
• The options are,
• -m Modifies an ACL
• -x Removes an ACL
• -R Recurses into subdirectories

The possible arguments are:
• u: user
• g: group
• o: others

Note:- Whatever ACL permissions assigned to a user or group or others, it will be treated as
Normal Permissions minus ACL.

To assign read and execute permission to a particular user the syntax could be
#setfacl –m u: username: permissions file or dir name

#setfacl –m u:ktuser: rx ktdir

• Verify it by using getfacl command
#getfacl /ktdir

Now login as ktuser and try to create a file inside ktdir, as we have not assigned write
permission to ktuser, though it is having full permissions, still it will not allow ktuser to
create a file inside it.

#su - ktuser
#cd /ktdir
#touch file1
ls -ld /ktdir

#LinuxACL
#AccessControlList
#LinuxPermissions
#FileSecurity
#LinuxAdmin
#LinuxTutorial
#SysAdminTips
access control list,access control list in linux,access control list in os,controlling access linux,linux access control,linux acl,linux admin tips,setfacl linux,setfacl,getfacl,What is acl in linux,what is acl,linux access control list,access control list in Telugu,linux file permissions explained,linux acl in Telugu,linux file permission Telugu,what is acl in linux Telugu,linux permissions Telugu,linux filesystem security,linux user permissions,Access Control List (ACL) in Linux,Linux ACLs: The Secret to Fine-Grained Permissions