Novice Level

Using ACLs to Allow Collaboration

Pricing
30 minutes
  • 2 Learning Objectives

About this Hands-on Lab

ACLs allow more granularity than octal permissions do. In this hands-on lab, we’ll set up a collaboration area using ACLs to get some practice reading `getfacl` output and creating `setfacl` input.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Use ACLs to Ensure Users Can Collaborate in the /opt/collab Directory

The first thing we need to do is make sure Bob, Adam, and Sally are all members of the same group. This will allow us to use ACLs on the group to allow access.

If we run id bob, id adam, and id sally we’ll see that they’re all members of the managers group.

We can run setfacl -m g:managers:rwx /opt/collab to allow the managers group access to the directory.

Remove Adam’s Access to the /opt/collab Directory

Since we can’t remove him from the group, we can use ACLs to remove an individual user’s access.

We can run setfacl -m u:adam:0 /opt/collab and it will make sure that adam cannot access the directory.

Contact SalesSee Pricing

Additional Resources

Adam, Bob, and Sally are managers that all have access to our server. They need a directory that all of them can access and read and write files into. Bob has created a directory named /opt/collab for them to use, but isn't sure how to give Adam and Sally permission without also giving Will (not a manager) permission. We've been tasked with setting up this area using ACLs.

After it is set up, we're notified that Adam is being let go from the company. Due to HR policy, he cannot be removed from the manager group or have his user deleted yet, but he does need to have access to the collab directory removed. Use ACLs to accomplish this.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Don't have an account?

Get Started
Who’s going to be learning?
MyselfMy Organization