7.8 Access Control Lists

Previous page
Table of content
Next page
   

Access control lists are used to grant or deny permissions to users or groups in addition to those specified with traditional UNIX file access permissions. This mechanism is also called discretionary access control (DAC) and is supported under the older HFS file system but not under the modern JFS file system. To grant or deny specific file accesses to a user or group , users are specified as shown in Table 7-3.

Table 7-3. Access Control List User Specification
Pattern Description
user.group ACL for a specific user and a specific group
user.% ACL for a specific user and all groups
%.group ACL for all users and a specific group
%.% ACL for all users and all groups

Listing ACL

Access Control Lists can be listed using the lsacl command. 

 $  lsacl myfile  (boota.%, rwx) (jim.%,rwx) (%.users,r-x) (%.%,r--) myfile $

This command shows that users boota and jim , belonging to any group, have all read, write, and execute permissions, all users of the users group have read and execute permissions, and all other users have only read permissions.

Changing ACL

The chacl command is used for changing ACLs. You can grant another user mary read, write, and execute ( rwx ) permissions to myfile . 

 $  chacl "mary.%=rwx" myfile  $  lsacl myfile  (boota.%, rwx) (jim.%,rwx) (mary.%,rwx) (%.users,r-x)   (%.%,r--) myfile $
   
Top

Previous page
Table of content
Next page
HP Certified
HP Certified: HP-UX System Administration
ISBN: 0130183741
EAN: 2147483647
Year: 2000
Pages: 390
Authors: Rafeeq Rehman
BUY ON AMAZON
Beginning Cryptography with Java
Introducing Microsoft Office InfoPath 2003 (Bpg-Other)
Java for RPG Programmers, 2nd Edition
Managing Enterprise Systems with the Windows Script Host
.NET-A Complete Development Cycle
Cultural Imperative: Global Trends in the 21st Century
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy