• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

The Urban Penguin

The Urban Penguin - Linux Training

  • Home
  • About
  • Live Online Courses
  • Shop
  • Programming
    • Master Editing Text Files Using VIM
    • Learn Shell Scripting with BASH
    • PERL Scripting in Linux
    • Ruby Scripting in Linux
    • Scripting with PowerShell
    • Learn C Programming using Linux and the Raspberry Pi
    • General Java Tutorials
    • Java 7 OCA Exam 1ZO-803
  • OS Tutorials
    • Red Hat and CentOS Training
      • Red Hat Enterprise Linux System Administration 1 – RH124
      • RHCSA – System Admin 2 – RH134
      • RHCE – EX294 – Automation With Ansible
    • Learning Ubuntu
    • LPI Training
      • LPI Linux Essentials
      • LPIC-1 Linux Administrator
      • LPIC-2 Certified Linux Engineer
      • LPIC-3 Senior Level Certification
        • LPIC-3 Exam 300 : Mixed Environments
        • LPIC-3 Exam 303 : Security
        • LPIC-3 Exam 304 : Virtualization and High Availability
    • Linux Technologies
      • Apache HTTPD Server
      • Learning PHP
      • Learning PUPPET
      • Learning SAMBA
      • Linux File-Systems
      • Monitoring with Nagios Core
      • MYSQL
      • openLDAP Directories on Linux
You are here: Home / Books / Managing POSIX ACLS in Linux

Managing POSIX ACLS in Linux

£0.99

This eBook from The Urban Penguin steps you through the POSIX ACLs in Linux so you are able to successfully secure your filesystems. The book is aimed at system administrators in Linux or those learning Linux system administrators and those seeking certification in Linux Administration

Category: Books

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on Pinterest (Opens in new window)
  • Click to share on Tumblr (Opens in new window)
  • Click to print (Opens in new window)
  • Description
  • Reviews (0)

Description

As a system administrator in Linux, it will not take you long to realize that permissions managed only using the file mode become very limiting. The mode of a file allows for a single user, one group and everyone else, that is it. Many Linux systems are single-user systems acting as a service appliance so it does not have to be all bad, however, if you are using the system as some form a shared server or file-server it is likely that you will need to expand the mode using POSIX ACLs, or Access Control Lists.

Reading this 18 A4 page document you will learn:

  • The limitations of the file mode
  • ACLs available in Linux
  • Determining support for POSIX ACLs
  • Listing ACLs using getfacl
  • Setting default ACLs in directories using setfacl
  • Setting  ACLs on files
  • The ACL Mask and the File Mode
  • The Group nogroup/nobody
  • Removing individual ACEs or the complete ACL
  • Securing a Web Server DocumentRoot Using POSIX ACLs

The UNIX file mode dates back to the beginnings of UNIX and was never designed for Enterprise file sharing. The mode only allows for a single user, a single group, and everyone else. To work around this you can just keep creating groups to meet new needs within the file-system. Even so, this does not cater for when one group requires read access and another group requires read-write access to the same file or directory. All in all, if you are trying to share file-systems with many users on Linux, the mode is a problem. ACLs overcome these limitations allowing for more users and more groups to be added as principals.

We are talking about Linux, so there is never going to be just a single ACL to choose from => we have at least 3 🙂 In this module we look at POSIX ACLs.

POSIX ACL
The POSIX ACLs requires Kernel Modules to work with both the ACL and the target file-system. ACLs support also needs be be enabled when the file-system is mounted. The mount option is built-in to the XFS file-system and is a default mount option in EXT4, so is not a major issue. POSIX Access Control Lists allow for more than one user or group to have the same or different permissions to a file resource. We can also set default permissions allowing new files or directories to inherit from the parent. These features make the ACL very powerful and a useful tool.

NFSv4 ACL
NFSv4 ACLs are not part of the file-system and are independent of it. They work on exported NFS directories, or shares. If you are not accessing the file-system using the NFSv4 protocol the ACL is not applied. That said, it is designed for the NFS Server and exported file-systems so should not be surprising or an issue.

CIFS ACL
Like the NFSv4 ACLS the CIFS ACLs do NOT apply to a local file-system but are used when you are accessing the file-system via a SAMBA share.

Reviews

There are no reviews yet.

Only logged in customers who have purchased this product may leave a review.

Primary Sidebar

Newest Video

The Urban Penguin On Youtube

Categories

Pages

  • About The Urban Penguin
  • Contact Us
  • Shop
    • Basket
    • Checkout
    • My Account
  • LPI Training from The Urban Penguin
    • Live and Pluralsight hosted courses
    • Complete Linux Essentials
    • LPIC-3 Senior Level Certification
      • LPIC-3 Exam 300 : Mixed Environments
      • LPIC-3 Exam 303 : Security
      • LPIC-3 Exam 304 : Virtualization and High Availability
    • LPIC-2 Certified Linux Engineer
    • LPIC-1 Linux Administrator
    • LPI Linux Essentials for Raspberry Pi
    • LPI Linux Essentials
  • Operating System Tutorials
    • Linux Foundation Training
    • Solaris 11 OCA 1ZO-821
    • Learning Ubuntu
    • Learning SUSE
    • Red Hat and CentOS Training
      • RHCE – EX294 – Automation With Ansible
      • RHCSA – System Admin 1 – RH124
      • RHCSA – System Admin 2 – RH134
  • Scripting – the power of repetition!
    • Java 7 OCA Exam 1ZO-803
    • General Java Tutorials
    • Learn C Programming using Linux and the Raspberry Pi
    • Ruby Scripting in Linux
    • Scripting with PowerShell
    • PERL Scripting in Linux
    • Learn Shell Scripting with BASH
    • Master Editing Text Files Using VIM
  • Linux Technologies
    • Learning PUPPET
    • openLDAP Directories on Linux
    • Monitoring with Nagios Core
    • Linux File-Systems
    • Learning SAMBA
    • Apache HTTPD Server
    • Learning PHP
    • MYSQL
  • OpenStack
    • Pluralsight
    • Udemy
    • Raspberry Pi Tutorials
    • Citrix Videos
  • Online Instructor-led Courses
    • Red Hat Enterprise Linux System Administration 1 – RH124
    • SELinux Masterclass
    • Bash Scripting Masterclass
    • Nftables Masterclass

© 2021 The Urban Penguin · All Rights Reserved