Filesystem/Access Control List Guide

= Access Control List - ACL =

ACLs are one of the more important features required by current enterprise or corporate needs. They give finer control over files and folders and provide more than the basic User, Group and Other access control.

POSIX ACL
As you might know, here is an example entry from ls -al /var/log:

drwxr-xr-x 2 apache  apache       135 Dec 11 17:48 apache2

What is missing?

1. What happens if we need more than one user to have control over this directory?

A: We cannot, but you can add these users to the apache group. The problem is that these users will then have all the access that the apache group has.

2. What happens if we need one more group to have read and write access to this directory, but not all other users?

A: We cannot, but as a workaround we can add all the users of the other group and the apache user to another group and let them have access through this group. But what happens if you want to limit this group to read only and not write?

The more examples you look at, the more limitations of the POSIX ACL you will find, and so we have ACLs, which fix this.
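An added example, not part of the original guide: a simplified Python model of the access check described in acl(5), showing how ACL entries answer the two questions above for the apache2 directory. The user alice and the group auditors are hypothetical, other access is assumed to have been removed in the ACL case, and the mask handling goes slightly beyond what the guide covers.

```python
# Simplified model of the access check in acl(5). Added illustration with
# constructed data; it is not kernel code.
from dataclasses import dataclass, field

R, W, X = 4, 2, 1

@dataclass
class Acl:
    owner: str
    group: str
    user_obj: int                                  # owner permissions
    group_obj: int                                 # owning-group permissions
    other: int
    users: dict = field(default_factory=dict)      # named user entries
    groups: dict = field(default_factory=dict)     # named group entries
    mask: int = R | W | X                          # caps named and group entries

def allowed(acl, user, member_of, want):
    """True if `user`, a member of `member_of`, is granted every bit in `want`."""
    if user == acl.owner:                          # owner entry ignores the mask
        return (acl.user_obj & want) == want
    if user in acl.users:                          # named user wins over any group
        return (acl.users[user] & acl.mask & want) == want
    entries = [acl.group_obj] if acl.group in member_of else []
    entries += [p for g, p in acl.groups.items() if g in member_of]
    if entries:                                    # one matching entry must grant it all
        return any((p & acl.mask & want) == want for p in entries)
    return (acl.other & want) == want

# drwxr-xr-x apache apache, as in the listing above.
PLAIN = Acl("apache", "apache", R | W | X, R | X, R | X)
# Same directory with other access removed, plus a named user (question 1)
# and a read-only group (question 2). "alice" and "auditors" are hypothetical.
WITH_ACL = Acl("apache", "apache", R | W | X, R | X, 0,
               users={"alice": R | W | X}, groups={"auditors": R | X})

if __name__ == "__main__":
    for label, acl in (("mode bits only", PLAIN), ("with ACL", WITH_ACL)):
        print(label, "- alice can write:", allowed(acl, "alice", {"users"}, W))
        print(label, "- auditors member can write:",
              allowed(acl, "bob", {"auditors"}, W))
```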

= Kernel Options =

Access control for each file system must be enabled in the kernel before applications can use it. You can enable the ones you need.

Ext2 ACL

Ext3 ACL

Ext4 ACL

ReiserFS ACL

JFS ACL

XFS ACL

Save your changes, recompile your kernel and boot from it.

= Emerge sys-apps/acl =

We should now emerge the acl tools so that we can start using ACLs.