The setfacl command is used to set Access Control Lists (ACLs) on files and directories, allowing for more fine-grained permission management. Here’s how to use it:
Basic Syntax
setfacl [options] [acl] fileCommon Usage Examples
-
Add User Permissions:
To give a specific user read, write, and execute permissions on a file:setfacl -m u:username:rwx filename.txt -
Add Group Permissions:
To give a specific group read and execute permissions:setfacl -m g:groupname:rx filename.txt -
Remove User Permissions:
To remove all permissions for a specific user:setfacl -x u:username filename.txt -
View Current ACLs:
To view the current ACLs set on a file:getfacl filename.txt -
Set Default ACLs on a Directory:
To set default permissions for new files created in a directory:setfacl -m d:u:username:rwx directoryname
Options
-m: Modify the ACL.-x: Remove an entry from the ACL.-b: Remove all ACL entries.-d: Set default ACLs for directories.
Example
To give user alice read and write permissions on example.txt:
setfacl -m u:alice:rw example.txtMake sure that the filesystem supports ACLs, and you may need superuser privileges to modify ACLs on certain files.
