Access control lists: Creating an efficient Linux file server with default permissions

WithUnix permissions dating back to the early 1970s, standard Linux file permissions are largely insufficient for the needs of a modern file server. You can improve your system by learning how to create an efficient Linux-based file server using access control lists (ACLs).

One limitation of the standard Linux permission system is that only one user and one group can be granted rights to a file or directory at one time. Further, with the default Linux permission scheme, there is no way to set default permissions on new files. To overcome these constraints, you can use Linux access control lists. All modern Linux file systems offer support for ACLs. Samba also supports it, which makes it easy to set up an environment in which the Samba administrator manages Linux permissions on Samba -- even while using Windows utilities. In this tip, we'll discuss how to set up an environment in which more than one user or group can be granted permissions to one file or directory.

First, a few definitions are needed. The following discussion uses the conventions trustee and file. A trustee is a user or a group that has been granted rights to a file or a dir

Digg This!     StumbleUpon     Del.icio.us

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

Here is a simple example that you might encounter on a typical file server. We have a directory with the name /groups/sales. This directory is to be owned by the group sales and every file created in this directory should have the group sales as its default owner. Also, in new files, read and write permissions should be set automatically, regardless of the current unmask setting. Also, the directory members of the group account should have read-only permissions. To do this, follow this ACL procedure:

Applying ACLs faciliates file permissions management on a Linux file server. Using these techniques, you can create a well-secured Linux file server. ACLs also allow you to easily manage rights on a Samba server too, which we'll discuss in a future article.