• VMware

    Learn about VMware virtualization for its products like vsphere, vCenter Server, VMware View, VMware P2V and many more

  • Linux

    Step by step configuration tutorials for many of the Linux services like DNS, DHCP, FTP, Samba4 etc including many tips and tricks in Red Hat Linux.

  • Database

    Learn installation and configuration of databases like Oracle, My SQL, Postgresql, etc including many other related tutorials in Linux.

  • Success is like your own shadow, if you try to ctach it you will never succeed, ignore it and walk in your own way, and it will follow you!!!

    Friday, October 05, 2012

    Give individual permission on directories using setfacl in linux

    Generally we use chmod and chown to give user wise or group wise permission and ownership on directories and files in linux but again if you want to five some special permission to a particular user or group on any particular directory then both the above commands won't help you. In such conditions 'setfacl' utility plays its vital role and is very useful. Using 'setfacl' you can give individual permission on the basis of user or group name on any particular directory or files.

    Syntax:
    To set the permission for any user
    # setfacl -m u:username:permission /path/to/directory
    To set the permission for any group
    # setfacl -m g:groupname:permission /path/to/directory
    To view the permission
    # getfacl /path/to/directory
    To remove individual acl for any user
    # setfacl -x username /path/to/directory
    To remove all the acl added by setfacl
    # setfacl -b /path/to/directory
    To remove the default acls on any directory
    # setfacl -d /path/to/directory
    Examples:
    To add an acl for user deepak with read and execute permission on mydata directory
    # setfacl -m u:deepak:r-x /mydata
    To add an acl for group admin on any directories
    # setfacl -m g:admin:rwx /mydata
    To add the acl recusively on all the sub directories
    # setfacl -Rm -u:deepak:r-x /mydata/
    To view the acl entries on mydata
    # getfacl /mydata
    # file: new
    # owner: root
    # group: root
    user:deepak:r-x
    group:admin:rwx
    group::r-x
    mask::r-x
    other::r-x

    # ls -l / | grep mydata
    drwxr-xr-x+ 2 root root 4096 Oct 3 16:49 mydata

    So here you can see '+' sign is added at the last of permission section of the directory which means that acl is active on that directory.

    To remove a particular acl from the directory
    # setfacl -x u:deepak /mydata
    To remove all the acls from any directories
    # setfacl -b /mydata
    For further examples you can go to man page for setfacl

    Follow below links for more tutorials

    What is the difference/comparison between Unix and Linux ?
    What are the maximum and minimum limits for RHEL 4 vs 5 vs 6 ?
    Step by Step Linux Boot Process Explained In Detail
    What is the difference between ext3 and ext4 filesystem in Linux ?
    How to configure Private Network in VMware Workstation
    10 examples to help you understand top command usage in Unix/Linux
    Configure Red Hat Cluster using VMware, Quorum Disk, GFS2, Openfiler
    Tutorial for Monitoring Tools SAR and KSAR with examples in Linux
    15 tips to enhance security of your Linux machine
    Why is Linux more secure than windows and any other OS
    Understanding Load Average in Linux and when to be worried about it?
    Disk Attachment Technology FC vs SAS vs iSCSI
    Understanding UMASK value in Linux
    How to keep a track of all the commands run by any user in Linux
    How do you check Linux machine is Physical or Virtual remotely?

    0 comments:

    Post a Comment