Lab
A Cloud Guru

Using ACLs to Allow Collaboration

ACLs allow more granularity than octal permissions do. In this hands-on lab, we'll set up a collaboration area using ACLs to get some practice reading `getfacl` output and creating `setfacl` input.

Try for free Contact sales

Path Info

Level

Beginner

Duration

30m

Published

Jan 24, 2020

Challenge

Use ACLs to Ensure Users Can Collaborate in the /opt/collab Directory

The first thing we need to do is make sure Bob, Adam, and Sally are all members of the same group. This will allow us to use ACLs on the group to allow access.

If we run id bob, id adam, and id sally we'll see that they're all members of the managers group.

We can run setfacl -m g:managers:rwx /opt/collab to allow the managers group access to the directory.
Challenge

Remove Adam's Access to the /opt/collab Directory

Since we can't remove him from the group, we can use ACLs to remove an individual user's access.

We can run setfacl -m u:adam:0 /opt/collab and it will make sure that adam cannot access the directory.

Author

A Cloud Guru

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.