# File Permissions and Access Control lists

### Task 1: Create a Simple file and do `ls -ltr` to see the details of the file.

```plaintext
# Created a folder
mkdir file-permission

#Created a file
touch file-permission.txt

# command to view the specific file on the system
ls -ltr | grep -E file-permission
```

Output

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1679802565950/e307dc32-cd75-45cd-92eb-f4894b27da79.png align="center")

### Task 2: An article about File Permissions based on your understanding from the notes.

Wrote the article separately, and the following link has the full article.

[Mastering Linux File Permissions](https://hashnode.com/post/clfourhh7000c09mn7hem4r6e)

### Task 3: About ACL and try out the commands `getfacl` and `setfacl`

Access Control Lists (ACLs) are an advanced file permission mechanism used in Linux to provide more granular control over file and directory access.

While traditional Unix file permissions only allow for three categories of users (owner, group, and others) with three permissions (read, write, and execute), ACLs provide a more flexible approach by allowing the creation of more user-defined groups, each with its own set of permissions.

The `getfacl` command can be used to retrieve the ACLs for a file or directory, while `setfacl` can be used to set or modify the ACLs. Here are some examples of how to use these commands:

To view the ACLs for a file, run:

```plaintext
getfacl file-permission.txt

#Output

# file: file-permission.txt
# owner: devbox
# group: devbox
user::rw-
group::rw-
other::r--
```

To view the ACLs for a directory and all of its contents, run:

```plaintext
getfacl -R file-permission

#Output

# file: file-permission
# owner: devbox
# group: devbox
user::rwx
group::rwx
other::r-x
```

To set the default ACL for a directory so that all new files and subdirectories created in it inherit the same permissions, run:

```plaintext
setfacl -d -m u:myuser:rwx,g:mygroup:r-x,o::rx file-permission/

#output

ls -la | grep -E file-permission
drwxrwxr-x+  2 devbox devbox  4096 Mar 26 03:44 file-permission
-rw-rw-r--   1 devbox devbox     0 Mar 26 03:48 file-permission.txt
```

To add a new user to an existing ACL, granting them read and write access to a file, run:

```plaintext
setfacl -m u:dev-newuser:rw file-permission.txt

#Output

sudo useradd dev-newuser
setfacl -m u:dev-newuser:rw file-permission.txt
getfacl -R file-permission.txt
# file: file-permission.txt
# owner: devbox
# group: devbox
user::rw-
user:dev-newuser:rw-
group::rw-
mask::rw-
other::r--
```

ACLs can provide a more fine-grained approach to file permissions in Linux, and the `getfacl` and `setfacl` commands are useful tools for managing them.
