Mercurial Mercurial > tips / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
acl.rst
author Oleksandr Gavenko <gavenkoa@gmail.com>
Mon, 09 Oct 2017 10:49:36 +0300
changeset 2188 e95731eef030
parent 1981 ad12707cb8de
permissions -rw-r--r--
Fixed: NameError: name 'locale_encoding' is not defined File /bin/rst2html.py, line 17, in <module> from docutils.core import publish_cmdline, default_description File /usr/lib/python2.7/site-packages/docutils/core.py, line 20, in <module> from docutils import frontend, io, utils, readers, writers File /usr/lib/python2.7/site-packages/docutils/frontend.py, line 41, in <module> import docutils.utils File /usr/lib/python2.7/site-packages/docutils/utils/__init__.py, line 20, in <module> import docutils.io File /usr/lib/python2.7/site-packages/docutils/io.py, line 18, in <module> from docutils.utils.error_reporting import locale_encoding, ErrorString, ErrorOutput File /usr/lib/python2.7/site-packages/docutils/utils/error_reporting.py, line 60, in <module> codecs.lookup(locale_encoding or '') # None -> '' NameError: name 'locale_encoding' is not defined

.. -*- coding: utf-8; -*-

======
 ACL.
======
.. contents::
   :local:

Managing ACL permissions.
=========================

Set permission::

  $ sudo setfacl -m u:nobody:rwx ~/tmp/dir
  $ sudo setfacl -m g:nogroup:rwx ~/tmp/dir

Review permissions::

  $ sudo getfacl ~/tmp/dir

Remove specific permissions::

  $ sudo setfacl -x u:test ~/tmp/dir

.. NOTE:: ``setfacl`` with ``-x`` key can't remove specific permission (like
          read/write/executable bit), you should remove corresponding user or
          group and set new or explicitly specify desired permission for user or
          group with ``-m`` option.

Remove all ACL permissions::

  $ sudo setfacl -b ~/tmp/dir

Remove default ACL::

  $ sudo setfacl -k ~/tmp/dir

Backup and restore ACL::

  $ sudo getfacl ~/tmp/dir >~/tmp/backup.acl
  $ sudo setfacl --restore=~/tmp/backup.acl

Add default ACL to directory to make ACL permission inheritance::

  $ sudo setfacl -d -m u:nobody:rwx /srv/www
  $ sudo setfacl -m u:nobody:rwx /srv/www

or by single command::

  $ sudo setfacl -m u:nobody:rwx,d:u:nobody:rwx /srv/www

To apply permission recursively add ``-R`` option::

  $ sudo setfacl -R -d -m u:nobody:rwx /srv/www
  $ sudo setfacl -R -m u:nobody:rwx /srv/www

.. NOTE:: default ACL is set only on directories and is applied only to
          directory children. So you should explicitly add permission to
          directory itself!
tips