Working with Linux File Access Control Lists (FACLs)

30 minutes
  • 3 Learning Objectives

About this Hands-on Lab

In this lab, we’ll review what file access control lists (FACLs) are used for. We’ll set up a FACL to restrict access to a single file. We’ll implement one rule to permit access for a single user, and then we’ll edit permissions to remove access for all other users.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create user account `pjohnson` and the project directory and file.
  1. Create the user account pjohnson with the following command:
    sudo useradd pjohnson  
  2. Create the project directory with the following command:
    sudo mkdir /project51  
  3. Create the TPSreport.txt file in the /project51 directory with the following command:
    sudo touch /project51/TPSreport.txt 
Create FACL to permit user `pjohnson` access to file `TPSreport.txt`.
  1. Create a FACL for /project51/TPSreport.txt permitting user pjohnson RWX access:

    sudo setfacl -m u:pjohnson:rwx /project51/TPSreport.txt
Remove access for other users from the file `/project51/TPSreport.txt`.
  1. To remove other users’ access, use the following command:

    sudo chmod o-rwx /project51/TPSreport.txt
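
A check for the end state these three objectives aim at, as an added example that is not part of the original lab: the hypothetical `audit_facl` function reads `getfacl` output and confirms that pjohnson has effective rwx, that other has no access, and that no other named user or group entries exist. The sample inputs are constructed; on the lab host, pipe `getfacl /project51/TPSreport.txt` into the function instead.

```shell
#!/bin/sh
# audit_facl USER: read `getfacl` output on stdin and return 0 only when USER
# has effective rwx, "other" has nothing, and no other named entries exist.
# (Hypothetical helper name; not part of the lab or of the acl package.)
audit_facl() {
    awk -F: -v want="$1" '
        /^#/ || NF < 3 { next }                  # skip header comments, blank lines
        { sub(/[ \t]*#.*/, "", $3) }             # drop a trailing "#effective:..." note
        $1 == "user"  && $2 == want { named = $3; next }
        $1 == "user"  && $2 != ""   { extra = extra " user:" $2 }
        $1 == "group" && $2 != ""   { extra = extra " group:" $2 }
        $1 == "mask"                { mask = $3; has_mask = 1 }
        $1 == "other"               { other = $3 }
        END {
            if (named == "") { print "FAIL: no ACL entry for " want; bad = 1 }
            else {
                eff = named                      # named entries are capped by the mask
                if (has_mask) {
                    eff = ""
                    for (i = 1; i <= 3; i++)
                        eff = eff (substr(mask, i, 1) == "-" ? "-" : substr(named, i, 1))
                }
                if (eff != "rwx") { print "FAIL: " want " effective rights: " eff; bad = 1 }
            }
            if (other != "---") { print "FAIL: other has " other; bad = 1 }
            if (extra != "")    { print "FAIL: unexpected named entries:" extra; bad = 1 }
            if (!bad) print "OK: " want " has effective rwx, other has none"
            exit bad + 0
        }'
}

# Constructed samples (not captured from a real system).
# State after all three objectives:
SAMPLE_OK=$(printf '%s\n' '# file: project51/TPSreport.txt' '# owner: root' \
    '# group: root' 'user::rw-' 'user:pjohnson:rwx' 'group::r--' 'mask::rwx' 'other::---')
# State after setfacl but before chmod o-rwx:
SAMPLE_OTHER_OPEN=$(printf '%s\n' 'user::rw-' 'user:pjohnson:rwx' 'group::r--' \
    'mask::rwx' 'other::r--')
# State after a later chmod 640: on a file with an ACL the group bits set the mask.
SAMPLE_MASKED=$(printf 'user::rw-\nuser:pjohnson:rwx\t#effective:r--\ngroup::r--\nmask::r--\nother::---\n')

for s in "$SAMPLE_OK" "$SAMPLE_OTHER_OPEN" "$SAMPLE_MASKED"; do
    printf '%s\n' "$s" | audit_facl pjohnson || true
done
```

The third sample is the case to watch for after the lab: a later `chmod` that touches the group bits rewrites the ACL mask and reduces pjohnson's effective rights even though the `user:pjohnson:rwx` entry is still listed.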

Additional Resources

Your supervisor has asked you to help set up a new user for a very sensitive project. First, you'll need to create a new user account for pjohnson. Next, you'll need to create a project directory named /project51 at the root of the file system. Then, you'll need to create a file named TPSreport.txt in the /project51 directory, where pjohnson will keep his sensitive notes. Then, you'll create a FACL for the file /project51/TPSreport.txt so that only pjohnson has RWX access to this file. If you need to remove other file permissions to make this happen, please do so. Also, it is okay for root to have access to this file.
