Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

setfacl remove group permission

Tags:

linux

unix

system

I am trying to remove group ACL from a certain folder. It has permissions as below

$ getfacl --all-effective public
# file: public
# owner: sse02
# group: apache
user::rwx
group::r-x                      #effective:r-x
mask::r-x
other::---
default:user::rwx
default:group::r-x              #effective:r-x
default:group:acct:rwx     #effective:rwx
default:mask::rwx
default:other::r-x
$

I wanted to remove the access granted to the group 'acct' with the following command, but it is not simply working

setfacl -x g:acct public

What could be going on wrong? Any ideas?

This is a RHEL5 box with ext3 file system.

like image 368
Sangfroid Avatar asked Oct 19 '11 16:10

Sangfroid

People also ask

Can setfacl be used to remove access from user1?

Even if the setfacl command is successful in removing access from user1, user1 might still be able to obtain access to the files in directory Haunted based on the file permission bits, assuming the user has search permission for Haunted. See Localization for more information.

Should I use chmod or setfacl for file permissions?

But, in case you may need to provide file permissions for some other users too, that can’t be done using chmod. Setfacl will assist you to get rid of such troubles.

What is the difference between getfacl and setfacl command in Linux?

Whereas, getfacl command is used to get file access control lists. For each file, getfacl displays the file name, owner, the group, and the Access Control List (ACL). If a directory has a default ACL, getfacl also displays the default ACL. Why use setfacl when we have chmod and chown command?

What is the difference between getfacl and access control list?

It allows us to provide permission for any user or group to any disk resource. Whereas, getfacl command is used to get file access control lists. For each file, getfacl displays the file name, owner, the group, and the Access Control List (ACL). If a directory has a default ACL, getfacl also displays the default ACL.

1 Answers

The group:acct entry is listed with default: in front, and the setfacl man page suggests that the ACL specification can be (spaces added for clarity in the man page):

[d[efault]:] g[roup]:gid [:perms]

Permissions of a named group. Permissions of the owning group if gid is empty.

I think you should try:

setfacl -x d:g:acct public
like image 96
Jonathan Leffler Avatar answered Sep 28 '22 09:09

Jonathan Leffler
Sign in to Comment

Related questions

Is Android studio faster on a Linux pc? [closed]
Extract TCP round trip time (RTT) estimations on linux
dlsym returns NULL, even though the symbol exists
Gradle offline how to cache the dependencies
Bidirectional synchronisation between Amazon s3 bucket and physical server
Cannot import sqlite3 in Python3
Force no more than one write/sync to disk in X seconds
How to force 64-bit LMDB to generate a 32-bit database?
Why are instructions addresses on the top of the memory user space contrary to the linux process memory layout?
Building Linux packages for multiple distributions and versions
Linux Kernel - what function holds the source where port numbers are randomly chosen?
Dreamweaver equivalent for Linux [closed]
dlopen with two shared libraries, exporting symbols
Code Snippet Managers for Linux desktops? [closed]
Control a USB light via software
Can I restrict access to certain files for a certain process?
How to handle color codes when trying to use grep, sed, etc
C Syslog.h not writing the log
Listing all USB drives in Linux
Pthreads - High memory usage

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!