March 14, 2018

Linux file ACL (Access Control List)

Linux file ACL (Access Control List) setting

❑ Linux file ACL (Access Control List) : A list used to set detailed permissions on a file per account or group.

❑ ACL on : The 10th character of the permission string in "ls -al" output is +.
❑ ACL off : The 10th character of the permission string in "ls -al" output is -.

❑ getfacl [File name] : Command to check the ACL settings of a file.
❑ setfacl [Option] [Entry]:[User/Group name]:[Permission] [File name] : Command to set an ACL on a file.

| Option | Description |
|--------|-------------|
| -m | Add a user or group ACL. |
| -b | Remove all ACL entries. |
| -k | Remove all default ACL entries. |
| -x | Remove one ACL entry. |
| -R | Set recursive property. |

❍ setfacl -m u:user01:rw [File name] : Set a user ACL.
❍ setfacl -Rm g:[Group name]:6 [File name] : Set a group ACL on the directory and its subdirectories.
❍ setfacl -m m::[Permission] [File name] : Set the mask value.
❍ setfacl -b [File name] : Remove all ACL entries.
❍ setfacl -x [u/g/o]:[User/group name] [File name] : Remove one ACL setting. The entry is given without a permission field.
* mask
The maximum permissions that can be used by the users and groups specified in the ACL. It filters the existing permissions, and getfacl shows the filtered result as #effective. It affects the users and groups that have ACL entries as well as the existing group permission.





❑ Default ACL : An ACL set on a directory. When a file is created in the directory, it inherits the default ACL.
❍ To prevent abuse, a text file is created with some execute permissions removed.
❍ When a subdirectory is created, it inherits the default ACL settings as they are.
❍ setfacl -m d:u:user01:0 [File] : Set a default ACL.
❍ setfacl -k [File] : Remove all default ACL entries.
❍ setfacl -x d:u:[User name] [File] : Remove one default ACL entry.
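
The mask filtering and default ACL entries described above, as an added example (not code from the original post): it parses getfacl-style output and returns, for every entry, the granted permissions next to what the mask leaves effective, which is useful when auditing who can really write to a path. The sample output, the directory name shared and the group dev are constructed for illustration.

```python
# Constructed sample of `getfacl` output for a directory (not from the page).
SAMPLE_GETFACL = """\
# file: shared
user::rwx
user:user01:rw-\t\t#effective:r--
group::rwx\t\t\t#effective:r-x
group:dev:rw-\t\t#effective:r--
mask::r-x
other::r-x
default:user::rwx
default:user:user01:---
default:group::r-x
default:mask::r-x
default:other::r-x
"""

def parse_acl(text):
    """Return (scope, tag, qualifier, perms) tuples from getfacl-style text."""
    entries = []
    # Drop header lines and trailing "#effective:..." notes before parsing.
    lines = (raw.split("#", 1)[0].strip() for raw in text.splitlines())
    for line in filter(None, lines):
        fields = line.split(":")
        scope = "access"
        if fields[0] == "default":  # default ACL entries carry their own mask
            scope, fields = "default", fields[1:]
        if len(fields) != 3:
            raise ValueError(f"unrecognised ACL entry: {line!r}")
        entries.append((scope, *fields))
    return entries

def effective_permissions(text):
    """Map (scope, tag, qualifier) to (granted, effective) permission strings."""
    entries = parse_acl(text)
    masks = {scope: perms for scope, tag, _, perms in entries if tag == "mask"}
    result = {}
    for scope, tag, qualifier, perms in entries:
        if tag == "mask":
            continue
        # Mask filters named users, owning group, named groups; not user:: or other::
        masked = tag == "group" or (tag == "user" and qualifier != "")
        mask = masks.get(scope, "rwx") if masked else "rwx"
        eff = "".join(p if p == m else "-" for p, m in zip(perms, mask))
        result[(scope, tag, qualifier)] = (perms, eff)
    return result

def reduced_by_mask(text):
    """List the entries whose granted permissions the mask cuts down."""
    return sorted(k for k, (g, e) in effective_permissions(text).items() if g != e)
```

Feed it the text printed by getfacl [File name]; entries returned by reduced_by_mask are the ones where the ACL grants more than the mask currently allows, so raising the mask later would silently widen access.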


Check environment
OS : CentOS 7.4.1708(64bit)
CPU : Intel i7-4710MQ 2.50GHz
SHELL : GNU bash (4.3.46(2))
RAM : 1 GB