Thread: Add user to ACL
I have a Linux-based file server that hosts all our company's development data, source code etc. The main folder has, as you would expect, an owner and group access. I need to allow a single user write access to a couple of files within the folder structure but not allow any write access to anywhere else. Currently the ACL looks like this:
drwxrwxrwx domain\owner domain\group 4096 date foldername
Is it possible to add a user to the ACL so it reads:
drwxrwxrwx domain\owner domain\group domain\user 4096 date foldername?
Or am I going to have to add the user to the current group?
So, just to clear up terminology:
You appear to be using UNIX permissions, not ACLs. Modern Linux filesystems do support ACLs if you enable the option, but they default to UNIX permissions.
UNIX permissions have three layers of granularity: "user", "group", and "other". "user" is traditionally referred to as the owner, but there is no actual reason that this user must be the owner of the files.
So, you have two choices:
1) If there is no logical owner of the files in question already, set this user as the user, and give them only the permissions they need on that file.
2) Otherwise, and more traditionally, add the user to the group, and use group-level permissions.
Because groups cannot belong to other groups, managing file access by group can be annoying, but unfortunately, that's the only choice I see, unless you enable ACLs.
If you follow Cabhan's approach, pay attention to the ownership/perms on the parent directory. If user has "w" perm there, he can do anything he wants with the file, no matter the perms.
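An added example, not part of any post in this thread: a bash sketch of the ACL route mentioned above, which refuses to grant per-file write access while any parent directory is still world-writable (the `drwxrwxrwx` case from the question). The function names `other_writable_dirs` and `grant_write` are hypothetical; it assumes GNU `stat`, the `setfacl` tool from the acl package, and a filesystem mounted with ACL support.

```bash
# Added example; function names are hypothetical, not from the thread.

# Print every directory from FILE's parent up to TOP (inclusive) that grants
# write to "other". A user who is neither owner nor group member gets the
# "other" bits on a directory, so write there lets them create, rename or
# delete entries regardless of the mode on the file itself.
# (A sticky bit limits delete/rename to owners but still allows creating files.)
other_writable_dirs() {   # usage: other_writable_dirs FILE TOP
    local dir top mode
    dir=$(dirname -- "$1")
    top=${2%/}
    while :; do
        mode=$(stat -c '%a' -- "$dir") || return 2
        if [ $(( 0$mode & 0002 )) -ne 0 ]; then
            printf '%s\n' "$dir"
        fi
        case $dir in "$top"|/|.) break ;; esac
        dir=$(dirname -- "$dir")
    done
}

# Grant USER read/write on the listed files only, via a POSIX ACL entry,
# after checking that no parent directory below TOP is world-writable.
grant_write() {           # usage: grant_write USER TOP FILE...
    local user=$1 top=$2 f bad
    shift 2
    for f in "$@"; do
        bad=$(other_writable_dirs "$f" "$top") || return 2
        if [ -n "$bad" ]; then
            echo "refusing $f: world-writable parent(s): $bad" >&2
            return 1
        fi
    done
    setfacl -m "u:$user:rw-" -- "$@"
}

# Example call (paths and user are placeholders):
#   grant_write someuser /srv/dev /srv/dev/project/a.conf /srv/dev/project/b.conf
#   getfacl /srv/dev/project/a.conf    # shows the added user: entry
```

Once an ACL entry is present, `ls -l` marks the file with a trailing `+` after the mode string, and `getfacl` lists the extra user.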