Professional Documents
Culture Documents
Acl PDF
Acl PDF
1
Access Control List
2
Example
File
FileCreated
Createdbybyroot
root
User
User ::root
root::rw_
rw_
Group
Group ::root
root::r_
r___
Others
Others ::r_
r___
Hello
Quotation
/aclmount
root
3
Steps
Create
Createaanew
newpartition
partition
[root@comp1 ~]#fdisk /dev/hda
[root@comp1 ~]#fdisk /dev/hda
Format
Formatthe
thePartition
Partition
[root@comp1 ~]#mkfs.ext3 /dev/hda9
[root@comp1 ~]#mkfs.ext3 /dev/hda9
Create
Create aa new
newmount
mount point
point
[root@comp1
[root@comp1 ~]#mkdir
~]#mkdir /aclmount
/aclmount
4
Steps
Mount
MountNew
Newpartition
partitionwith
withACL
ACL option
option
[root@comp1
[root@comp1 ~]#mount -o acl /dev/hda9 /aclmount
~]#mount -o acl /dev/hda9 /aclmount
Create
CreateUsers
Users
[root@comp1
[root@comp1 ~]#useradd usr1
~]#useradd usr1
[root@comp1
[root@comp1~]#useradd
~]#useradd usr2
usr2
[root@comp1
[root@comp1 ~]#useradd usr3
~]#useradd usr3
Create
CreateGroups
Groups
[root@comp1
[root@comp1 ~]#groupadd sales
~]#groupadd sales
10
5
Steps
Add
Addsome
someusers
usersto
togroup
group
[root@comp1
[root@comp1 ~]#gpasswd M usr1,usr2
~]#gpasswd M usr1, usr2 sales
sales
Create
Createfiles
filesinto
intothe
theACL
ACLenabled
enabledpartition
partition
[root@comp1 ~]#vi /aclmount/quotation
[root@comp1 ~]#vi /aclmount/quotation
The
The default
default permissions
permissions for
for the
the directory
directory // file
file will
will be
be
rw_r__r__
rw_r__r__
11
6
Applying ACL
ACL
ACLpermissions
permissionsto
to the
the directory
directoryfor
forthe
theuser
user
[root@comp1 ~]#setfacl m u:usr1: /aclmount/quotation
[root@comp1 ~]#setfacl m u:usr1: /aclmount/quotation
ACL
ACLpermissions
permissionsto
tothe
the directory
directoryfor
forthe
thegroup
group
[root@comp1 ~]#setfacl -m g:sales:rw /aclmount/quotation
[root@comp1 ~]#setfacl -m g:sales:rw /aclmount/quotation
12
7
ACL
To
Tolist
listapplied
appliedACL
ACLapplied
appliedon
onaaFile
File
[root@comp1 ~]#getfacl /aclmount/quotation
[root@comp1 ~]#getfacl /aclmount/quotation
Remove
RemoveACL
ACLfrom
fromaafile
file
[root@comp1
[root@comp1 ~]#setfacl x u:usr1 /aclmount/quotation
~]#setfacl x u:usr1 /aclmount/quotation
13