tips: acl.rst@fba288d59662 (annotated)

1841 2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	1	.. -- coding: utf-8; --
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	2	.. include:: HEADER.rst
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	3
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	4	======
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	5	ACL.
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	6	======
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	7	.. contents::
1905 fba288d59662 Include only local subsections into TOC. This prevent duplication of Oleksandr Gavenko <gavenkoa@gmail.com> parents: 1841 diff changeset	8	:local:
1841 2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	9
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	10	Managing ACL permissions.
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	11	=========================
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	12
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	13	Set permission::
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	14
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	15	$ sudo setfacl -m u:nobody:rwx ~/tmp/dir
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	16	$ sudo setfacl -m g:nogroup:rwx ~/tmp/dir
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	17
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	18	Review permissions::
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	19
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	20	$ sudo getfacl ~/tmp/dir
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	21
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	22	Remove specific permissions::
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	23
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	24	$ sudo setfacl -x u:test ~/tmp/dir
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	25
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	26	Remove all ACL permissions::
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	27
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	28	$ sudo setfacl -b ~/tmp/dir
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	29
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	30	Remove default ACL::
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	31
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	32	$ sudo setfacl -k ~/tmp/dir
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	33
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	34	Backup and restore ACL::
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	35
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	36	$ sudo getfacl ~/tmp/dir >~/tmp/backup.acl
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	37	$ sudo setfacl --restore=~/tmp/backup.acl
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	38
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	39	Add default ACL to directory to make ACL permission inheritance::
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	40
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	41	$ sudo setfacl -m -d u:nobody:rwx /srv/www
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	42	$ sudo setfacl -m u:nobody:rwx /srv/www
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	43
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	44	.. NOTE:: default ACL is set only on directories and is applied only to
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	45	directory children. So you should explicitly add permission to
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	46	directory itself!
2aaf1f0297f9 Managing ACL permissions. Oleksandr Gavenko <gavenkoa@gmail.com> parents: diff changeset	47

author	Oleksandr Gavenko <gavenkoa@gmail.com>
	Mon, 22 Feb 2016 12:46:36 +0200
changeset 1905	fba288d59662
parent 1841	2aaf1f0297f9
child 1912	8b81a8f0f692
permissions	-rw-r--r--