What is Access Control Lists?

Access Control Lists (ACLs) are a type of permissions system used in Linux and other operating systems to control access to files and directories beyond the traditional owner/group/other permissions. ACLs allow for more fine-grained control over file permissions, allowing specific users or groups to be granted or denied access to files and directories.

Here is an explanation table of the ACL commands in Ubuntu 18:

CommandDescription

getfacl [file/dir]	Displays the ACL for a file or directory.
setfacl -m [rule] [file/dir]	Adds an ACL rule to a file or directory.
setfacl -x [rule] [file/dir]	Removes an ACL rule from a file or directory.
setfacl -b [file/dir]	Removes all ACL rules from a file or directory.
setfacl -R -m [rule] [dir]	Adds an ACL rule recursively to a directory and all its contents.
setfacl -R -x [rule] [dir]	Removes an ACL rule recursively from a directory and all its contents.
setfacl -R -b [dir]	Removes all ACL rules recursively from a directory and all its contents.

And here are some examples of how to use ACLs in Ubuntu 18:

• Displaying the ACL for a file:

$ getfacl file.txt
# file: file.txt
# owner: alice
# group: users
user::rw-
user:bob:r--
group::r--
mask::r--
other::---

• Adding an ACL rule to a directory:

$ setfacl -m u:bob:rx /home/alice/documents

 

This command adds a rule that grants user "bob" read and execute access to the directory "/home/alice/documents".

• Removing an ACL rule from a file:

$ setfacl -x u:bob file.txt

 

This command removes the ACL rule that granted user "bob" read access to the file "file.txt".

• Adding an ACL rule recursively to a directory:

$ setfacl -R -m u:charlie:rwx /home/alice/documents

 

This command adds a rule that grants user "charlie" read, write, and execute access to the directory "/home/alice/documents" and all its contents.