LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-27-2012, 05:29 PM   #1
lumix
Member
 
Registered: Mar 2007
Distribution: Hardy (Gnome on Ubuntu 8.04) on Compaq N600c laptop
Posts: 323

Rep: Reputation: 30
Is there a way to create file and folder acls that include select users?


I'm only familiar with ext's owner-group-other permissions. In the modern day and age, we need more. If I were to use ntfs, or some other filesystem, could I allow AliceX@ and BobY@ to read a file/folder, but no one else (i.e. add them to the acl for said file/folder)? And no being silly...you know full well I mean without adding Alice and Bob to the group.

If not, do folks address this by creating lots and lots of groups, and joining users to lots and lots of groups?
 
Old 05-27-2012, 06:01 PM   #2
em31amit
Member
 
Registered: Apr 2012
Location: /root
Distribution: Ubuntu, Redhat, Fedora, CentOS
Posts: 190

Rep: Reputation: 55
You can do this by using ACL's on linux.

First remount filesystem with acl parameters and you can also verify using mount and tune2fs command that filesystem is already mounted with "acl" attribute.

Code:
#cat /etc/fstab
...
LABEL=/home             /home                   ext3    rw,acl          1 2
...

#mount -v -o remount /home
after that you need to set and check ACL's on files and directories.

for these setfacl and getfacl

to set a read only permission with group on file you need to use the syntax something like this

Code:
#setfacl -m g:groupname:r-- filename
whenever you do "ls -l" on file/folder in the permission section of output there will a "+" at the end, that's denote that this file or folder have some acl's configured on it.


to check or get per-configured acl on file or folder

Code:
#getfacl filename
 
Old 05-27-2012, 06:02 PM   #3
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.9, Centos 7.3
Posts: 17,362

Rep: Reputation: 2377Reputation: 2377Reputation: 2377Reputation: 2377Reputation: 2377Reputation: 2377Reputation: 2377Reputation: 2377Reputation: 2377Reputation: 2377Reputation: 2377
Why don't you use ACLs http://linux.die.net/man/1/setfacl, if that's what you want?
 
Old 05-28-2012, 10:16 AM   #4
lumix
Member
 
Registered: Mar 2007
Distribution: Hardy (Gnome on Ubuntu 8.04) on Compaq N600c laptop
Posts: 323

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by chrism01 View Post
Why don't you use ACLs http://linux.die.net/man/1/setfacl, if that's what you want?
Only because I didn't know it existed. When I saw standard permissions (for lack of a better parlance) I wrongly assumed that, well, there you have it.

Simple enough. Thanks for the info.
 
Old 05-28-2012, 10:26 AM   #5
lumix
Member
 
Registered: Mar 2007
Distribution: Hardy (Gnome on Ubuntu 8.04) on Compaq N600c laptop
Posts: 323

Original Poster
Rep: Reputation: 30
For those interested (I was), there was this analysis done on the performance implications of using ACL's. There are a few relevant tables, you may have to scroll up or down a little. In a nutshell, initial access was substantially longer for ACL'd files than no-ACL ones. Not a very substantial hit at all after caching...at least for a 5-member ACL anyway. I suppose this warrants some consideration with respect to the kind of files and their usage, and the amount of cache one has at their disposal.

Last edited by lumix; 05-28-2012 at 10:28 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Possible to include /etc/folder/file.usr ballistic509 Programming 8 06-22-2007 12:16 AM
create a folder/file within a folder using perl indu.a Programming 2 03-07-2007 10:09 PM
Samba: Users can read, create folder, nothing else gt_swagger Linux - Server 1 02-20-2007 04:52 PM
Create Trash folder for items deleted by users on server dmm1673 Linux - Newbie 2 02-07-2007 11:42 AM
how can i default the max folder file size when it create inside a folder antony_csf Linux - Software 1 06-17-2004 02:26 AM


All times are GMT -5. The time now is 03:55 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration