The setfacl command in Linux is used to set file access control lists (ACLs) on files and directories. ACLs provide a way to grant permissions to specific users and groups for accessing a file or directory, in addition to the traditional file permission system.
The traditional file permission system in Linux consists of three levels of access – read, write, and execute – which can be granted or denied for the owner of the file, the group, and all other users. ACLs provide a finer-grained level of access control by allowing you to set individual permissions for specific users and groups.
The setfacl command is used to set and modify ACLs for files and directories. The syntax of the setfacl command is as follows:
# setfacl [options] file
Here, file specifies the file or directory to which the ACL is to be applied.
setfacl Command Examples
1. Modify ACL of a file for user with read and write access:
# setfacl -m u:username:rw file
2. Modify default ACL of a file for all users:
# setfacl -d -m u::rw file
3. Remove ACL of a file for a user:
# setfacl -x u:username file
4. Remove all ACL entries of a file:
# setfacl -b file
For more information about the setfacl command, you can visit the man page by typing the following command in the terminal:
# man setfacl
This will display the manual page for the setfacl command, which provides detailed information about the command and its options.