When working on a shared directory in Arch Linux, it's essential to ensure that all users who need access have the correct permissions. Access Control Lists (ACLs) allow you to set fine-grained permissions for different users and groups. In this blog post, we'll walk through setting up ACLs so that new files and directories automatically inherit the correct permissions.
Dev Kraken
When working on a shared directory in Arch Linux, it's essential to ensure that all users who need access have the correct permissions. Access Control Lists (ACLs) allow you to set fine-grained permissions for different users and groups. In this blog post, we'll walk through setting up ACLs so that new files and directories automatically inherit the correct permissions.
Before we start, make sure you have ACL support installed and enabled on your filesystem.
sudo pacman -S aclMost modern Linux filesystems (like ext4) have ACL support enabled by default. If not, you might need to remount the filesystem with ACL support. You can add acl to the options in /etc/fstab and remount the filesystem.
To set the ACLs for an existing directory and ensure all files and subdirectories within it inherit the permissions:
sudo setfacl -R -m u:devkraken:rwx /srv/http/dir-name
sudo setfacl -R -m g:http:rwx /srv/http/dir-nameTo ensure that new files and directories created within the dir-name directory automatically inherit the correct permissions:
sudo setfacl -d -m u:devkraken:rwx /srv/http/dir-name
sudo setfacl -d -m g:http:rwx /srv/http/dir-nameYou can verify the ACLs using the getfacl command:
getfacl /srv/http/dir-nameThe output should look like this:
# file: srv/http/dir-name
# owner: http
# group: http
user::rwx
group::rwx
other::r-x
default:user::rwx
default:user:devkraken:rwx
default:group::rwx
default:other::r-x
To verify that the settings are applied correctly, create a new file in the dir-name directory:
touch /srv/http/dir-name/newfile.txtThen check the permissions of the new file:
getfacl /srv/http/dir-name/newfile.txtThe output should show:
# file: srv/http/dir-name/newfile.txt
# owner: devkraken
# group: http
user::rwx
user:devkraken:rwx
group::rwx
other::r-xThis indicates that the new file has inherited the correct permissions for the devkraken user and the http group.
By setting the default ACLs, you ensure that any new files or directories created within the dir-name directory will automatically have the specified permissions. This approach helps maintain consistent access control for shared directories in a multi-user environment.