Scribd Logo
Upload

Welcome to Scribd!

  • ACL Questions

    Uploaded by

    Roshan Jangir
    9 views4 pages
    The document discusses various ways to set access control lists (ACLs) on Linux directories to control which users and groups have permission to read, write, and execute files. It provides the setfacl commands needed to set permissions in different scenarios, such as allowing only a specific group to access a directory, allowing all users to read but only one user to write, etc. The answers show how to use setfacl to manage fine-grained access control beyond the typical Unix permissions model.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses various ways to set access control lists (ACLs) on Linux directories to control which users and groups have permission to read, write, and execute files. It provides the setfacl commands needed to set permissions in different scenarios, such as allowing only a specific group to access a directory, allowing all users to read but only one user to write, etc. The answers show how to use setfacl to manage fine-grained access control beyond the typical Unix permissions model.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    9 views4 pages

    ACL Questions

    Uploaded by

    Roshan Jangir
    The document discusses various ways to set access control lists (ACLs) on Linux directories to control which users and groups have permission to read, write, and execute files. It provides the setfacl commands needed to set permissions in different scenarios, such as allowing only a specific group to access a directory, allowing all users to read but only one user to write, etc. The answers show how to use setfacl to manage fine-grained access control beyond the typical Unix permissions model.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    ACL Questions

    1.You are working on a project that involves sensitive data. You want to ensure that only
    authorized users have access to the data. You have created a group called project_team and added
    the authorized users to the group. You want to set ACLs on the project directory so that only
    members of the project_team group can read, write, and execute the files in the directory.How
    would you set the ACLs on the project directory?

    Ans:- The following commands can be used to set the ACLs on the project directory so that
    only members of the project_team group can read, write, and execute the files in the
    directory:
    setfacl -m g:project_team:rwx /project
    setfacl -d g::rwx /project

    The first command grants read, write, and execute permissions to the project_team
    group on the /project directory. The second command removes all permissions
    from other users and groups.

    As a result of these commands, only members of the project_team group will be


    able to read, write, and execute the files in the /project directory.

    3.You are working on a team that is developing a new software application. You want to allow
    team members to read and write the source code for the application. However, you want to
    prevent team members from deleting the source code.

    How would you set the ACLs on the source code directory?

    Ans:- The following commands can be used to set the ACLs on the source code
    directory so that team members can read and write the source code for the
    application, but they cannot delete the source code:

    setfacl -m g:team:rwx /source


    setfacl -d g::rwx /source
    setfacl -d o::rwx /source

    The first command grants read, write, and execute permissions to the team group on
    the /source directory. The second command removes all permissions from other
    groups. The third command removes all permissions from other users.

    As a result of these commands, team members will be able to read and write the
    source code for the application. However, they will not be able to delete the source
    code.

    5.You are working on a project that involves confidential customer data. You want to ensure that
    only authorized users have access to the data. You have created a group called customer_support
    and added the authorized users to the group. You want to set ACLs on the customer data directory
    so that only members of the customer_support group can read the files in the directory.

    How would you set the ACLs on the customer data directory?

    Ans:- The following commands can be used to set the ACLs on the customer data
    directory so that only members of the customer_support group can read the files in
    the directory:

    setfacl -m g:customer_support:r /customer_data


    setfacl -d g::rwx /customer_data
    setfacl -d o::rwx /customer_data

    The first command grants read permissions to the customer_support group on the
    /customer_data directory. The second command removes all permissions from other
    groups. The third command removes all permissions from other users.

    As a result of these commands, only members of the customer_support group will be


    able to read the files in the /customer_data directory.

    6. How would you set the ACLs on the /abc directory so that only the
    user john can read, write, and execute the files in the directory?

    Ans :- The following command can be used to set the ACLs on the /abc directory so
    that only the user john can read, write, and execute the files in the directory:

    setfacl -m u:john:rwx /abc

    This command grants read, write, and execute permissions to the user john on the
    /abc directory. All other users will be denied access to the directory.

    7. How would you set the ACLs on the /abc directory so that all users can read
    the files in the directory, but only the user john can write and execute the files?

    Ans:- The following commands can be used to set the ACLs on the /abc directory so
    that all users can read the files in the directory, but only the user john can write and
    execute the files:

    setfacl -m u::r /abc


    setfacl -m u:john:rwx /abc

    The first command grants read permissions to all users on the /abc directory. The
    second command grants read, write, and execute permissions to the user john on
    the /abc directory. As a result of these commands, all users will be able to read the
    files in the /abc directory. However, only the user john will be able to write and
    execute the files.

    8. How would you set the ACLs on the /abc directory so that all users can read
    and write the files in the directory, but only the group admins can execute the
    files?

    Ans:- The following commands can be used to set the ACLs on the /abc directory so
    that all users can read and write the files in the directory, but only the group admins
    can execute the files:

    setfacl -m u::rw /abc


    setfacl -m g:admins:x /abc

    The first command grants read and write permissions to all users on the /abc
    directory. The second command grants execute permissions to the group admins on
    the /abc directory. As a result of these commands, all users will be able to read and
    write the files in the /abc directory. However, only members of the group admins will
    be able to execute the files.

    9. How would you set the ACLs on the /abc directory so that only members of
    the group users can read the files in the directory, and only members of the
    group admins can write and execute the files?

    Ans:- The following commands can be used to set the ACLs on the /abc directory so
    that only members of the group users can read the files in the directory, and only
    members of the group admins can write and execute the files:

    setfacl -m g:users:r /abc


    setfacl -m g:admins:rwx /abc

    The first command grants read permissions to the group users on the /abc directory.
    The second command grants read, write, and execute permissions to the group
    admins on the /abc directory. As a result of these commands, only members of the
    group users will be able to read the files in the /abc directory. Only members of the
    group admins will be able to write and execute the file

    10. How would you set the ACLs on the /abc directory so that all users can
    read the files in the directory, but no one can write or execute the files?

    Ans:- The following command can be used to set the ACLs on the /abc directory so
    that all users can read the files in the directory, but no one can write or execute the
    files:

    setfacl -m u::r,g::r,o::r /abc


    This command grants read permissions to all users, groups, and others on the /abc
    directory. However, it does not grant any write or execute permissions. As a result of
    this command, all users will be able to read the files in the /abc directory. However,
    no one will be able to write or execute the files.

    You might also like