chown myuser myfile
chown myuser:mygroup myfile
chown myuser:mygroup mydir
chown -R myuser:mygroup mydir
chgrp mygroup myfile
Change ownership of myfile to myuser (if you have permission to do so)
Change ownership and group of myfile
Change ownership and group of mydir
Change ownership and group of mydir and all files in it
Change group of myfile
---x--x--x
--w--w--w-
--wx-wx-wx
-r--r--r--
-r-xr-xr-x
-rw-rw-rw-
-rwxrwxrwx
-rw-r--r--
chmod 111
chmod 222
chmod 333
chmod 444
chmod 555
chmod 666
chmod 777
chmod 644
chmod uog+x
chmod uog+w
chmod uog+wx
chmod uog+r
chmod uog+rx
chmod uog+rw
chmod uog+rwx
umask 666
umask 555
umask 444
umask 333
umask 222
umask 111
umask 000
umask 022
aclput -i myacl myfile
aclget myfile
aclget -v myfile
acledit -t NFS4 -v myacl
To use acledit, the EDITOR environment variable must be set...
export EDITOR=/usr/bin/vi
Apply the ACLs contained in myacl to myfile
Show the ACLs applied to myfile
Show the ACLs applied to myfile with extra comments
Type can be NFS4 (default) or ACLX. "-v" = verbose (adds comments)
Lines generally have 4 "columns" known as IDENTITY, ACE_TYPE, ACE_MASK, ACE_FLAGS
ACE stands for Access Control Entries3002-100 acledit: EDITOR environment variable not set
3002-104 acledit: EDITOR environment variable must be full pathname
3002-107 ACL type ANY is not supported
export EDITOR=/usr/bin/vi
export EDITOR=/usr/bin/vi
If a file has an ACL there will be a "+" at the end of the permissions section of ls -l output.
getfacl myfile
setfacl -m u:myuser:rw myfile
setfacl -m g:mygroup:rw myfile
setfacl -m u:myuser:rw,g:mygroup:rw myfile
setfacl -m default:u:myuser:rw mydir
setfacl -x u:myuser myfile
setfacl -b myfile
Show the ACLs applied to myfile
Modify the ACL to set read/write access on myfile for myuser
Modify the ACL to set read/write access on myfile for mygroup
Perform the above two modifications using a single command
Set a default ACL for all new files created in mydir
Remove the ACL for myuser from myfile
Remove all ACLs from myfile
If your regular backup software does not preserve ACLs through a restore operation you may choose to use a specific ACL backup/restore process based on the commands show below...
cd mydir
getfacl -R * > mydir_facl
setfacl --restore=mydir_facl