Deprecated: Array and string offset access syntax with curly braces is deprecated in /home/prolinuxhub/public_html/wp-includes/script-loader.php on line 757

Deprecated: Array and string offset access syntax with curly braces is deprecated in /home/prolinuxhub/public_html/wp-includes/script-loader.php on line 757

Deprecated: Array and string offset access syntax with curly braces is deprecated in /home/prolinuxhub/public_html/wp-includes/script-loader.php on line 758

Deprecated: Array and string offset access syntax with curly braces is deprecated in /home/prolinuxhub/public_html/wp-includes/script-loader.php on line 758

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/load.php on line 926

Notice: Trying to access array offset on value of type bool in /home/prolinuxhub/public_html/wp-includes/theme.php on line 2360

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 693

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 693

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 693

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 693

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 693

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 693

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 693

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 774

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 774

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 774

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 774

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 774

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 937

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 937

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 937

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 937

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 937

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 937

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 937

Deprecated: Function create_function() is deprecated in /home/prolinuxhub/public_html/wp-content/plugins/synved-shortcodes/synved-shortcode/synved-shortcode.php on line 937

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798
Using ACLs (Access Control Lists) with Linux filesystem – PROLINUXHUB
Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Notice: Trying to access array offset on value of type null in /home/prolinuxhub/public_html/wp-content/plugins/cta/classes/class.cta.render.php on line 492

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Using ACLs (Access Control Lists) with Linux filesystem

This article was written specifically for Red Hat and CentOS but concept will be the same for other Linux distributions.

In this article we will go over ACLs for Linux and how they can be used to control access to files and directory’s on Linux file system. ACLs start with ownership and permissions. ACL on Linux file system provides additional much more flexible mechanize to manage permissions.

 

To use ACL we will need to configure file system with ACL option. With NFS version 4, these ACLs can be shared over a network.
Requirements

1. Kernel 2.4 or 2.6

2. ACL Utilities
Check to make sure acl package already installed

[root@rh3 ~]# rpm -q acl

acl-2.2.49-6.el6.x86_64

If not insyall it with

[root@rh3 ~]# yum install acl

3. Before a file or directory can be configured with ACLs, you need to mount the associated file system with the same attribute. If you’re just testing a system for ACL, you can remount an existing partition appropriately. For example, if /home is mounted on /dev/sda3, we can remount it with ACL using the following command:

[root@rh3 ~]#mount -o remount -o acl /dev/sda3 /home

To confirm that the /home directory is mounted with the acl option, run the mount command . You will notice acl in the output.

[root@rh3 ~]#/dev/sda3 on /home type ext4 (rw,acl)

 

Working with ACLs

All files should already be configured with ACLs. the following command displays the current ACLs for the test1 file

 

[root@rh3 ~]# getfacl test1

# file: test1

# owner: root

# group: root

user::rw-

group::r--

other::r--

 

 

If we run the following ls -l command we will see that all the elements of ACLs shown in the output.

[root@rh3 ~]# ls -l test1

-rw-r--r--. 1 root root 0 Oct 29 15:41 test1

 

With all requirements in place we can manage ACLs on a system.

In this example we will create user user1 and give this user read write execute permissions to file test1 located in home directory.

1. Add user , skip this step if user already exists in the system.

[root@rh3 ~]# useradd user1

2. Set permittions for this user using setfacl

[root@rh3 ~]# setfacl -m u:user1:rwx /home/test1

3. View permissions on the file.

[root@rh3 ~]# getfacl test1

Below is what you should see on the screen.

# file: test1

# owner: root

# group: root

user::rw-

user:user1:rwx

group::r--

mask::rwx

other::r--

 

In case when you want to add permission for the groups you would follow the following procedure.

Create test grpup called testgrp for example

root@rh3 ~]# groupadd testgrp

The following command would give read privileges to users who are members of that group to test1 file in home directory.

[root@rh3 ~]# setfacl -m g:testgrp:r-- /home/test1

and to test it run gefacl command

[root@rh3 ~]# getfacl test1

# file: test1

# owner: root

# group: root

user::rw-

user:user1:rwx

group::r--

group:testgrp:r--

mask::rwx

other::r--

 

ACLs can also be used to limit permissions to specific users. In this example we restrict testuser from accessing /etc/passwrd file.

# setfacl -m u:testuser:--- /etc/passwd

 

[label type=”label” style=”default” title=”ACL switches that you may find useful.”]

-b (–remove-all) Removes all ACL entries; retains standard ugo/rwx permissions

-k Deletes default ACL entries

-m Modifies the ACL of a file, normally with a specific user (u) or group

(g)

-n (–mask) Omits the mask in recalculating permissions

-R Applies changes recursively

-x Removes a specific ACL entry


Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798

Deprecated: Function get_magic_quotes_gpc() is deprecated in /home/prolinuxhub/public_html/wp-includes/formatting.php on line 4798