Permissions & Security (Chmod/Chown/ACLs/SELinux/AppArmor)
Managing Granular File Permissions with POSIX Access Control Lists
🧩 The Challenge
Standard Linux permissions (ugo/rwx) fail when you need to grant specific access to multiple individual users or groups without changing file ownership or making files world-readable.
💡 The Fix
Utilize POSIX Access Control Lists (ACLs) to apply fine-grained permission sets to files or directories that extend beyond the traditional owner/group/other model.
setfacl -m u:username:rw /path/to/file
getfacl /path/to/file
⚙️ Why It Works
The setfacl command modifies the internal ACL list of the filesystem object, allowing you to explicitly define access rights for specific users or groups without modifying the primary owner. This approach enables complex access patterns that remain compatible with the standard filesystem while providing precise control.
🚀 Pro-Tip: Use the -R flag with setfacl to recursively apply the permission changes to all files and subdirectories within a target directory.
Linux Tips & Tricks | © ngelinux.com | 7/11/2026
