Difference between revisions of "ACL"
From Blue-IT.org Wiki
(→Use Case) |
(→Enable ACL) |
||
| Line 14: | Line 14: | ||
* German - [http://www.xwolf.de/artikel/acls.shtml Wie nutzt man ACLs (Access Control Lists) richtig?] | * German - [http://www.xwolf.de/artikel/acls.shtml Wie nutzt man ACLs (Access Control Lists) richtig?] | ||
| + | ==Use it== | ||
===Enable ACL=== | ===Enable ACL=== | ||
Enable the ACL's in '''fstab''' | Enable the ACL's in '''fstab''' | ||
Revision as of 15:29, 25 November 2007
Contents
Use Case
Peter, Paul and Mary are working with one directory tree. They share, use and edit the same files. They all belong to the system group users. But the directory the should be able to write on belongs to the group exchange.
/home |
/exchange |
/peters_subdir |
/peters_file.txt
/pauls_subdir |
/pauls_file.odf
maries_file.doc
Links
- German - Was ist die umask? Wie kann ich sie festlegen?
- German - Wie nutzt man ACLs (Access Control Lists) richtig?
Use it
Enable ACL
Enable the ACL's in fstab
/etc/fstab /home /dev/hdx ext3 defaults,exec,acl 1 2
Create a new group exchange
Create the new group exchange. In some cases it could be wise to create a user with the same name too, with its own home directory and the default group exchange. Don't forget to set the default group for the user.
chgrp exchange /home/exchange/ chmod g+s /home/exchange
Add ACL support
Changing the default umask for the certain directory and all subdirectories
setfacl -d -m mask:007 /home/exchange/
Now every file from any user accessing this directory will be readably/writable for the group exchange.