The setfacl command is used to set Access Control Lists (ACLs) on files and directories, allowing for more fine-grained permission management. Here’s how to use it:
Basic Syntax
setfacl [options] [acl] file
Common Usage Examples
Add User Permissions: To give a specific user read, write, and execute permissions on a file:
setfacl -m u:username:rwx filename.txtAdd Group Permissions: To give a specific group read and execute permissions:
setfacl -m g:groupname:rx filename.txtRemove User Permissions: To remove all permissions for a specific user:
setfacl -x u:username filename.txtView Current ACLs: To view the current ACLs set on a file:
getfacl filename.txtSet Default ACLs on a Directory: To set default permissions for new files created in a directory:
setfacl -m d:u:username:rwx directoryname
Options
-m: Modify the ACL.-x: Remove an entry from the ACL.-b: Remove all ACL entries.-d: Set default ACLs for directories.
Example
To give user alice read and write permissions on example.txt:
setfacl -m u:alice:rw example.txt
Make sure that the filesystem supports ACLs, and you may need superuser privileges to modify ACLs on certain files.
