Latest LQ Deal: Latest LQ Deals
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 09-25-2013, 03:51 PM   #1
LQ Newbie
Registered: Sep 2013
Posts: 23

Rep: Reputation: Disabled
ACL vs default ACL

I try to figureout.
What is the difference between ACL settings and default ACL settings?
For example.
setfacl -m o:rwx testdir
setfacl -m d: o:rwx testdir.


Last edited by makupl; 09-25-2013 at 03:54 PM. Reason: There is no space in command between d: o (otherwise gives emot in post)
Old 09-26-2013, 01:11 AM   #2
Senior Member
Registered: Apr 2010
Posts: 1,642

Rep: Reputation: 277Reputation: 277Reputation: 277
setfacl -m o:rwx testdir - set access for the specified user

setfacl -m d: o:rwx testdir - set default rights plus a new set of rights specified on the command

check out this link :

text below from this link:

A Directory with a Default ACL

Directories can be equipped with a special kind of ACL -- a default ACL. The default ACL defines the access permissions all objects under this directory inherit when they are created. A default ACL affects subdirectories as well as files.

Effects of a Default ACL

There are two different ways in which the permissions of a directory's default ACL are handed down to the files and subdirectories in it:

A subdirectory inherits the default ACL of the parent directory both as its own default ACL and as an access ACL.
A file inherits the default ACL as its own access ACL.
All system calls that create file system objects use a mode parameter that defines the access permissions for the newly created file system object:

If the parent directory does not have a default ACL, the permission bits as defined by the umask are subtracted from the permissions as passed by the mode parameter, with the result being assigned to the new object.
If a default ACL exists for the parent directory, the permission bits assigned to the new object correspond to the overlapping portion of the permissions of the mode parameter and those that are defined in the default ACL. The umask is disregarded.

Application of Default ACLs

The following three examples show the main operations for directories and default ACLs:

Creating a default ACL for an existing directory
Creating a subdirectory in a directory with default ACL
Creating a file in a directory with default ACL

Add a default ACL to the existing directory mydir:

setfacl -d -m group:djungle:r-x mydir

The option -d of the setfacl command prompts setfacl to perform the following modifications (option -m) in the default ACL.

Take a closer look at the result of this command:

getfacl mydir

# file: mydir

# owner: tux

# group: project3











default: other::---

Last edited by JJJCR; 09-26-2013 at 01:12 AM. Reason: edit


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Default ACL and permissions inheritance mikemrh9 Linux - Security 5 07-05-2016 06:19 AM
problem with samba and ACL ,ACL does not work as I want golden_boy615 Linux - Server 1 12-18-2011 09:18 AM
Why does the ACL of a file created under a directory differ from the default ACL sctebnt Linux - Security 5 12-02-2011 08:13 AM
Default file ownership and ACL sbabcock23 Linux - Security 2 04-17-2009 03:02 AM
iptables acl versus cisco acl id_viorel Linux - Security 1 04-09-2008 05:00 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 05:06 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration