Difference between revisions of "ACL"
From Blue-IT.org Wiki
(→ACL) |
|||
Line 1: | Line 1: | ||
− | |||
==Use Case== | ==Use Case== | ||
* Peter, Paul and Mary are working with one directory tree. They share, use and edit the same files. They all belong to the system group ''users''. But the directory the should be able to write on belongs to the group ''exchange''. | * Peter, Paul and Mary are working with one directory tree. They share, use and edit the same files. They all belong to the system group ''users''. But the directory the should be able to write on belongs to the group ''exchange''. |
Revision as of 15:24, 25 November 2007
Use Case
- Peter, Paul and Mary are working with one directory tree. They share, use and edit the same files. They all belong to the system group users. But the directory the should be able to write on belongs to the group exchange.
Links
- German - Was ist die umask? Wie kann ich sie festlegen?
- German - Wie nutzt man ACLs (Access Control Lists) richtig?
Enable ACL
Enable the ACL's in fstab
/etc/fstab /home /dev/hdx ext3 defaults,exec,acl 1 2
Create a new group exchange
Create the new group exchange. In some cases it could be wise to create a user with the same name too, with its own home directory and the default group exchange. Don't forget to set the default group for the user.
chgrp exchange /home/exchange/ chmod g+s /home/exchange
Add ACL support
Changing the default umask for the certain directory and all subdirectories
setfacl -d -m mask:007 /home/exchange/
Now every file from any user accessing this directory will be readably/writable for the group exchange.