A Simple Guide to ACLs in Linux

In Linux, traditional file permissions (rwxrwxrwx) work fine for basic access control. But what if you need to give specific users or groups access to a file without changing its ownership or group? That’s where ACL (Access Control List) comes in.
It gives you more granular permission control, beyond just owner, group, and others.
Table of Contents
- Why Use ACL?
- 1. Check ACL Permissions
- 2. Add User-Specific ACL Permission
- 3. Remove ACL Permission for a User
- 4. Remove All ACL Permissions
- 5. Set ACL for a Group
- Understanding the Mask
- How to Know If a File Has ACL
- Conclusion
- Let's Connect on LinkedIn
Why Use ACL?
Let's assume that in your organisation:
- A file is owned by user chielo and group devs.
- You want to give sophy read-only access, but without changing the file's group or ownership.
Traditional permissions can’t do this. ACL can.
1. Check ACL Permissions
To view ACL entries:
getfacl secteam
Output:
# file: secteam
# owner: root
# group: root
user::rwx
group::r-x
other::r-x
2. Add User-Specific ACL Permission
To give a specific user access:
setfacl -m u:grape:rx secteam
Explanation:
-m = modify
u:grape:rx = give user grape read & execute permission
ACL output:
# file: secteam
# owner: root
# group: root
user::rwx (the file owner)
user:grape:r-x (ACL permission for user 'grape')
group::r-x (the group has read and execute permission)
mask::r-x (the mask, added automatically once a named entry exists)
other::r-x (others have read and execute permission)
3. Remove ACL Permission for a User
To remove a specific user's ACL entry:
setfacl -x u:grape secteam
Updated ACL output:
# file: secteam
# owner: root
# group: root
user::rwx
group::r-x
mask::r-x (the mask entry remains after -x)
other::r-x
4. Remove All ACL Permissions
To clear all ACL entries (except standard permissions):
setfacl -b file.txt
-b = remove all ACL entries
5. Set ACL for a Group
To give a group specific permissions:
setfacl -m g:systemadmin:r file.txt
This gives read-only access to the entire systemadmin group.
Understanding the Mask
The mask defines the maximum permission that can be granted to users (except the owner) and groups via ACL.
Even if you set:
setfacl -m u:chielo:rw file.txt
If the mask is:
mask::r--
Then chielo will only have read access.
To update the mask:
setfacl -m mask:rw file.txt
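To see how the mask caps each entry, the following added example (not part of the original article) parses getfacl-style text and prints the granted and effective permissions side by side. The sample ACL is constructed for illustration and reuses the chielo, devs, sophy and systemadmin names from this guide; the function name effective_acl is hypothetical.

```shell
#!/bin/sh
# Added example (not from the original article): apply the ACL mask to
# getfacl text output and report granted vs. effective permissions.

# Constructed sample: owner chielo, group devs, mask limited to read-only.
SAMPLE='# file: file.txt
# owner: chielo
# group: devs
user::rw-
user:sophy:rw-
group::r--
group:systemadmin:rw-
mask::r--
other::r--'

# Reads getfacl output on stdin; prints "entry granted effective" per line.
effective_acl() {
  awk '
    # Keep a permission bit only if both the entry and the mask grant it.
    function band(p, m,   i, c, out) {
      out = ""
      for (i = 1; i <= 3; i++) {
        c = substr(p, i, 1)
        out = out ((c != "-" && substr(m, i, 1) != "-") ? c : "-")
      }
      return out
    }
    /^#/ || /^[ \t]*$/ || /^default:/ { next }   # headers, blanks, defaults
    {
      sub(/[ \t]*#.*/, "")             # drop trailing "#effective:" notes
      split($0, f, ":")                # tag:qualifier:perms
      n++; tag[n] = f[1]; who[n] = f[2]; perm[n] = f[3]
      if (f[1] == "mask") { mask = f[3]; have_mask = 1 }
    }
    END {
      for (k = 1; k <= n; k++) {
        if (tag[k] == "mask") continue
        # The mask limits named users, the owning group and named groups;
        # the file owner (user::) and other:: are not affected.
        limited = (tag[k] == "user" && who[k] != "") || tag[k] == "group"
        eff = (limited && have_mask) ? band(perm[k], mask) : perm[k]
        printf "%s:%s %s %s\n", tag[k], who[k], perm[k], eff
      }
    }'
}

printf '%s\n' "$SAMPLE" | effective_acl
```

On a real file, pipe the output of getfacl into effective_acl; any line where the last two columns differ is an entry whose grant is being cut down by the mask.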
How to Know If a File Has ACL
Run:
ls -l
If you see a + sign at the end of the permission string:
-rw-r--r--+ 1 chielo devs 1024 Apr 15 file.txt
It means the file has ACLs applied.
Conclusion
ACLs are incredibly useful when you're managing permissions for multiple users or groups without disrupting existing setups.
Try experimenting with setfacl and getfacl on your test files and see the difference for yourself.
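Let’s connect on LinkedIn (https://www.linkedin.com/in/chiamaka-chielo?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=android_app)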
As I automate my journey into RHCE and Ansible, I’d love to connect with fellow learners and professionals. Feel free to reach out and join me as I share tips, resources, and insights throughout this 30-day challenge.