what is the difference between chmod and setfacl

prakashkumar84 · 11-03-2009, 05:26 PM

Hi All,

could any one tell me the exact difference between chmod and setfacl commands?.

Thanks,
Prakashkumar.M

knudfl · 11-03-2009, 07:23 PM

Welcome to LQ.

Homework ? ?

man chmod

man setfacl

prakashkumar84 · 11-04-2009, 01:49 AM

Hi,

Thanks for your quick reply.

I know the 'man' command very well, but i need to know the exact difference, something with explanation.

Thanks.

Disillusionist · 11-04-2009, 01:57 AM

Read the man page for setfacl

Pay attention to the Examples

It should become apparent what the difference is.

prakashkumar84 · 11-04-2009, 11:00 AM

Thanks.

prakashkumar84 · 11-09-2009, 01:06 AM

sorry, I couldn't find the exact diff thr man pages. Can somebody give me an exact diff?.

Disillusionist · 11-09-2009, 03:12 AM

chmod only caters for permissions based on owner group all:

-rwx------ = read,write, and execute for owner only:

Code:

chmod 700 file

-rwxrwx--- = read,write, and execute for owner and 1 specific group:

Code:

chmod 770 file

setfacl allows for much greater control over who has access to a specific file or folder.

You can grant an additional user read access to a file:

Code:

setfacl -m u:lisa:r file

prakashkumar84 · 11-10-2009, 04:41 PM

Great.

Thanks.

MauMau · 12-10-2009, 06:55 PM

I think a complete explanation of this can be found at http://www.suse.de/~agruen/acl/linux-acls/online/ where the author Andreas Grünbacher explain in details the differences of the two. The author was involved in the design and implementation of extended attributes and ACLs on Linux and he goes in details that makes this issue clear for the reader. Hope this can helps.

Enjoy,

MauMau

prakashkumar84 · 12-11-2009, 12:15 AM

Thanks

vande012 · 09-29-2017, 10:55 AM

can setfacl be accomplished by using chown and chomod?

I ask because I am using puppet to set file permissions and setfacl is not a native puppet command

TB0ne · 09-29-2017, 12:39 PM

Quote:

Originally Posted by vande012

can setfacl be accomplished by using chown and chomod?
I ask because I am using puppet to set file permissions and setfacl is not a native puppet command

Read the LQ Rules...you re-opened a thread that had been closed for EIGHT YEARS, hijacked it with a different question, and double-posted that question.

Post reported to moderators.

sundialsvcs · 09-29-2017, 12:48 PM

Here's the long-and-short of it:

"Way back in the 1970's, what seemed good-enough to the programmers at Bell Labs was a simple "file permissions mask." Everything had a "user-id" and a "group-id" and access was very-simply determined by rwxrwxrwx. Simple, tiny, and – at the time – it worked.

As time went on, various people (working among various operating systems and file systems) recognized the need for more-sophisticated forms of access control. Hence, the access control list (ACL).

Generally speaking, ACLs supersede file permission masks.

Alas, "the fly in the ointment" is that not everyone who dreamed-up "an ACL system" decided to do it in exactly the same way. Hence, when you work with ACLs you will encounter various mapping systems which try their best to accommodate software which expects ACLs to work in one particular way.

Nevertheless, ACLs are very important because they do compensate for many of the pragmatic deficiencies of Unix's original concepts – which were perfectly adequate for a PDP-7! (And of course, the very similar original concepts devised for CP/M, MS-DOS, etcetera.)

You need to be pragmatically aware of, and pragmatically conversant in, both concepts as they apply to your particular operating environment(s), whatever they might be.

jefro · 09-29-2017, 03:22 PM

See other post. https://www.linuxquestions.org/quest...cl-4175614743/