ACLs Flashcards

1
Q

What are ACLs used for?

A

Create granular permissions on a file/directory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

How can you tell if a file/directory has an extended ACL set on it?

A

Denoted by a + at the end of the permissions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How do you set an ACL for a user/group on a file/directory?

A

setfacl -m u:{uid/username}:{r/w/x} file/directory

setfacl -m g:{gid/group}:{r/w/x} file/directory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How do you view the ACL on a file/directory?

A

getfacl file/directory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is important to note when creating ACLs?

A

It uses the uid/gid, even if username/group is specified.

If the uid/gid of a username/group changes it will still apply to the id

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the mask in an ACL?

A

Maximum permissions for the file/directory

Even if user/group has higher permissions they are limited by the mask.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

How do you modify the mask on an ACL?

A

setfacl -m m::{r/w/x} file/directory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

How do you set default ACL permissions for child items within a directory?

A

setfacl -d -m u:{uid/user}:{r/w/x} directory
setfacl -m d:u:{uid/user}:{r/w/x} directory
setfacl -d -m g:{gid/group}:{r/w/x} directory
setfacl -m d:g:{gid/group}:{r/w/x} directory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

How do you remove default ACL permissions?

A

setfacl –remove-default file/directory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

How do you remove an ACL for a user/group?

A

setfacl -x u:{uid/user} file/directory

setfacl -x g:{gid/group} file/directory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

How do you remove a default ACL for a user/group?

A

setfacl -x d:u:{uid/user} file/directory

setfacl -x d:g:{gid/user} file/directory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How would you copy the ACL of a file/directory and apply it to another?

A

getfacl file/folder | setfacl –set-file=- file/folder

*–set-file= sets the file to take ACL from, the - means to take standard input that is piped to the setfacl command

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What filesystems support ACLs?

A

ext4

xfs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are base permissions on an ACL?

A

Standard user|group|other permissions

No + at end of the permissions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the equivalent of chmod 777 using ACL permissions?

A

setfacl -m u::rwx,g::rwx,o::rwx

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is the equivalent of chmod 000 using ACL permissions?

A

setfacl -m u::—,g::—,o::—

17
Q

When performing a chmod on an ACL file/directory, what affects the mask?

A

A caveat of chmod g= is it affects the mask permissions.

Only the group permission does this

18
Q

What does a default ACL permission do?

A

Applied the permission to file/directories created within the folder. Not the folder itself.

19
Q

How do you create an ACL for the execute bit to only apply to directories?

A

i. e setfacl -m u:{uid/username}:X directory

* uppercase X

20
Q

How do you create an ACL to apply recursively?

A

i.e setfacl -R -m u:{uid/username}:{r/w/x} directory

21
Q

Does the cp command preserve ACL rules?

A

No

They will have to be reapplied with: getfacl file/directory | setfacl –set-file=- file/directory

22
Q

Does the mv command preserve ACL rules?

A

Yes