Day 8/30 Days of Linux Mastery: Access Control List

Table of Contents
- Introduction
- What is Access Control?
- Core ACL Commands
- Real-World Scenario: Multi-Team Shared Folder Access
- Conclusion
- Let's Connect
Introduction
Welcome back to Day 8!
Today was all about Access Control, how Linux systems allow or restrict users and groups from accessing specific files and directories. The basic Linux permissions model (user-group-others) is solid, but in real cloud environments with multiple users, teams, roles, and access levels, it quickly gets limiting.
What if:
- You want to give multiple users different levels of access to the same file?
- You don’t want to change file ownership or group just to add a new person?
- You are working on shared cloud environments with multiple teams?
That’s where Access Control Lists (ACLs) come in.
What is Access Control?
An ACL lets more than one user or group have different permissions on the same file or directory. Think of it as a flexible access rulebook.
You can:
- Give intern A: read-only access
- Let dev B: read/write
- Keep others: blocked
… all on one file or folder. Perfect for shared environments.
Core ACL Commands
ACL Commands | Purpose |
---|---|
getfacl 'directory name' | View all ACLs on a file/folder |
setfacl -m u:'username':'permission' 'file or directory name' | Add/modify user ACL |
setfacl -x u:'username': 'file/directory' | Remove user ACL |
setfacl -d -m u:'username':'permission' 'file/directory' | Set default ACL |
setfacl -m g:'groupname':'permission' 'file or directory name' | Add/modify group ACL |
setfacl -x g:'groupname': 'file/directory' | Remove group ACL |
setfacl -b 'file/directory' | Remove all ACLs |
setfacl -R -m u:'user':'permission' 'file or directory' | Apply ACLs recursively |
Real-World Scenario: Multi-Team Shared Folder Access
You manage a shared folder - devopsproject.
You want:
- AmandaIgwe - DevOps team to have full access
- Felix - Our Auditor to have read-only access
- Jean - Intern to have no access
- Let's check if there is ACL applied to the devopsproject folder first
ls -ld devopsproject/
Notice there is no ACL. If an ACL is applied, there will be a plus sign (+) at the end of the permission string.
- Let's apply ACL for the User, AmandaIgwe and give full access to the devopsproject directory.
setfacl -m u:AmandaIgwe:rwx devopsproject/
Notice the plus (+) sign? It shows ACL has been applied.
- Verify the ACL
getfacl devopsproject/
- Let's create the Auditor "Felix" and give him just read access to the devopsproject folder
useradd Felix   # add the user
setfacl -m u:Felix:r devopsproject/
getfacl devopsproject/
- Let's create our Intern "Jean" and give her no access to the devopsproject folder
setfacl -m u:Jean:- devopsproject/
getfacl devopsproject/
- Revoke Access from a User.
Initially, we gave our intern, Jean, no access. Let's give her read and execute access, then revoke all ACL access for her.
setfacl -x u:Jean devopsproject/
- Remove All ACLs
setfacl -b devopsproject/
Note: Giving access to a group works the same way; replace u (user) with g (group) and the username with the group name.
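What each user ends up with after the steps above, including the revoke, worked through as an added example (not part of the original post): the script applies the POSIX ACL check order (owner, named user, groups, other) to getfacl output. The listings are constructed and assume devopsproject/ is owned by root:root with mode 755; effective_perm and perm_for are hypothetical helper names.

```sh
# Effective rwx bits for USER from getfacl text on stdin, in POSIX ACL order:
# owner, named user, matching groups, other. Usage: effective_perm USER [GRP,GRP]
effective_perm() {
  awk -F: -v who="$1" -v grps="$2" '
    function band(a, b,   i, o) {   # per-bit AND, used to apply the mask
      for (i = 1; i <= 3; i++) o = o ((substr(b, i, 1) != "-") ? substr(a, i, 1) : "-")
      return o
    }
    function bor(a, b,   i, o) {    # per-bit OR, union of matching group entries
      for (i = 1; i <= 3; i++) o = o ((substr(a, i, 1) != "-") ? substr(a, i, 1) : substr(b, i, 1))
      return o
    }
    BEGIN { gp = "---"; mask = "rwx" }
    /^# owner: / { owner  = substr($0, 10) }
    /^# group: / { ogroup = substr($0, 10) }
    /^#/ || NF < 3 { next }
    { p = substr($3, 1, 3) }        # drops a trailing "#effective:" note
    $1 == "user"  && $2 == ""  { uo = p }
    $1 == "user"  && $2 == who { named = p; hit = 1 }
    $1 == "group" { g = ($2 == "" ? ogroup : $2)
                    if (g != "" && index("," grps ",", "," g ",")) { gp = bor(gp, p); ing = 1 } }
    $1 == "mask"  { mask = p }
    $1 == "other" { other = p }
    END {
      if (who == owner) print uo                 # owner entry is never masked
      else if (hit)     print band(named, mask)  # named user: entry AND mask
      else if (ing)     print band(gp, mask)     # group class: union AND mask
      else              print other              # no entry matched
    }'
}
# Constructed sample: getfacl output after the three setfacl -m steps,
# assuming devopsproject/ is root:root with mode 755.
ACL_BEFORE='# file: devopsproject/
# owner: root
# group: root
user::rwx
user:AmandaIgwe:rwx
user:Felix:r--
user:Jean:---
group::r-x
mask::rwx
other::r-x'
# The same listing after: setfacl -x u:Jean devopsproject/
ACL_AFTER=$(printf '%s\n' "$ACL_BEFORE" | grep -v '^user:Jean:')
perm_for() { printf '%s\n' "$1" | effective_perm "$2" "$3"; }  # hypothetical helper
for u in AmandaIgwe Felix Jean; do
  printf '%-11s before=%s after=%s\n' "$u" "$(perm_for "$ACL_BEFORE" "$u")" "$(perm_for "$ACL_AFTER" "$u")"
done
```

Removing Jean's entry with -x does not block her: with no entry of her own she falls through to other and gets r-x, whereas the explicit u:Jean:- entry is what denied access. Felix's r on a directory lets him list names but not open the files inside, which needs x as well.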
And that's it!
Conclusion
ACLs unlock powerful permission control in Linux. In real DevOps environments, especially in multi-team, multi-project settings, it’s the go-to method for managing access without breaking ownership or group structures.
If this is helpful to you, feel free to bookmark, comment, like and follow me for Day 9!
Let's Connect!
If you want to connect or share your journey, feel free to reach out on LinkedIn.
I am always happy to learn and build with others in the tech space.