Find the answer to your Linux question:
Results 1 to 3 of 3

Thread: Add user to ACL

Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Add user to ACL


    I have a linux based file server that hosts all our companies development data, source code etc. The main folder has, as you would expect, an owner and group access. I need to allow a single user write access to a couple of files within the folder structure but not allow any write access to anywhere else. currently the ACL looks like this:
    drwxrwxrwx domain\owner domain\group 4096 date foldername

    is it possible to add a user to the ACL so it reads:

    drwxrwxrwx domain\owner domain\group domain\user 4096 date foldername?

    Or am I going to have to add the user to the current group?


  2. #2
    Linux Guru Cabhan's Avatar
    Join Date
    Jan 2005
    Seattle, WA, USA
    So, just to clear up terminology:

    You appear to be using UNIX permissions, not ACLs. Modern Linux filesystems do support ACLs if you enable the option, but they default to UNIX permissions.

    UNIX permissions have three layers of granularity: "user", "group", and, "other". "user" is traditionally referred to as the owner, but there is no actual reason that this user must be the owner of the files.

    So, you have two choices:

    1) If there is no logical owner of the files in question already, set this user as the user, and give them only the permissions they need on that file.
    2) Otherwise, and more traditionally, add the user to the group, and use group-level permissions.

    Because groups cannot belong to other groups, managing file access by group can be annoying, but unfortunately, that's the only choice I see, unless you enable ACLs.

  3. #3
    Linux Enthusiast Mudgen's Avatar
    Join Date
    Feb 2007
    If you follow Cabhan's approach, pay attention to the ownership/perms on the parent directory. If user has "w" perm there, he can do anything he wants with the file, no matter the perms.

  4. $spacer_open

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts