Skip to main content

Working with Linux File Access Control Lists (FACLs)

Hands-On Lab

 

Photo of Bob Salmans

Bob Salmans

Training Architect

Length

00:30:00

Difficulty

Beginner

In this lab, we'll review what file access lists (FACLs) are used for. We'll set up a FACL to restrict access to a single file. We'll implement one rule to permit access for a single user, and then we'll edit permissions to remove access for all other users.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

Working with Linux File Access Control Lists (FACLs)

In this lab, we'll review what file access lists (FACLs) are used for. We'll set up a FACL to restrict access to a single file. We'll implement one rule to permit access for a single user, and then we'll edit permissions to remove access for all other users.

Open a terminal, and log in to the cloud server using the provided credentials.

Create User Account, Project Directory, and File

  1. Enter the following command to create the user account pjohnson:

    sudo useradd pjohnson  
  2. Create the project directory:

    sudo mkdir /project51  
  3. Create the TPSreport.txt file in the /project51 directory:

    sudo touch /project51/TPSreport.txt

Create FACL

  1. Create a FACL for /project51/TPSreport.txt permitting user pjohnson RWX access:

    sudo setfacl -m u:pjohnson:rwx /project51/TPSreport.txt

Remove Access from Other Users

  1. Remove other users' access:

    sudo chmod o-rwx /project51/TPSreport.txt

Conclusion

Congratulations on completing this hands-on lab!