ACL mask

The ACL mask is used to set the maximum effective permissions for the group owner of a file, named users of a file, and named groups of a file. The maximum permissions of the owner or others are the ones that are set using chmod and not controlled by the ACL mask.

The ACL mask is set on a file using the setfacl command as follows:

$ setfacl   -m    m::r    filename

The ACL mask is viewed using the getfacl command as follows:

$ getfacl     filename

The getfacl command displays a string #effective: in front of the entries that are restricted by the mask. It gets updated automatically whenever group permissions are updated with chmod.

The following table lists the user types and corresponding ACL precedence in Linux systems:

User type	ACL precedence
Owner user	ACL permissions apply
Named user	ACL permissions apply (should be equal to or less than ACL mask)
Group	ACL permissions apply (should be equal to or less than ACL mask)
Named group	ACL permissions apply (should be equal to or less than ACL mask)
Others	ACL permissions apply

Table of Contents for ACL mask

Create new playlist

Sign In

Sign Up

Table of Contents for
ACL mask