Removed files: I don't longer have interest on topic.
.. -*- coding: utf-8; -*-
======
ACL.
======
.. contents::
:local:
Managing ACL permissions.
=========================
Set permission::
$ sudo setfacl -m u:nobody:rwx ~/tmp/dir
$ sudo setfacl -m g:nogroup:rwx ~/tmp/dir
Review permissions::
$ sudo getfacl ~/tmp/dir
Remove specific permissions::
$ sudo setfacl -x u:test ~/tmp/dir
.. NOTE:: ``setfacl`` with ``-x`` key can't remove specific permission (like
read/write/executable bit), you should remove corresponding user or
group and set new or explicitly specify desired permission for user or
group with ``-m`` option.
Remove all ACL permissions::
$ sudo setfacl -b ~/tmp/dir
Remove default ACL::
$ sudo setfacl -k ~/tmp/dir
Backup and restore ACL::
$ sudo getfacl ~/tmp/dir >~/tmp/backup.acl
$ sudo setfacl --restore=~/tmp/backup.acl
Add default ACL to directory to make ACL permission inheritance::
$ sudo setfacl -d -m u:nobody:rwx /srv/www
$ sudo setfacl -m u:nobody:rwx /srv/www
or by single command::
$ sudo setfacl -m u:nobody:rwx,d:u:nobody:rwx /srv/www
To apply permission recursively add ``-R`` option::
$ sudo setfacl -R -d -m u:nobody:rwx /srv/www
$ sudo setfacl -R -m u:nobody:rwx /srv/www
.. NOTE:: default ACL is set only on directories and is applied only to
directory children. So you should explicitly add permission to
directory itself!