Specifications
Chapter 9 Working with File Services 163
Using chmod to Modify ACLs
Using chmod, you can add and delete ACEs for a file or a folder. The following
parameters can be used with ACLs:
The following are common permissions you can assign to files:
The following permissions are applicable to folders:
To grant a user write permission for a file:
Enter the following command, replacing user1 with the name of the user you are
granting permission to and file1 with the name of the file:
$ chmod +a "
user1
allow write"
file1
To deny a guest read permission for a file:
Enter the following command, replacing file1 with the name of the file:
$ chmod +a "guest deny read"
file1
To view the ACL of a file:
Enter the following command, replacing file1 with the name of the file:
$ ls -le
file1
Parameter Description
+a Adds an entry to the ACL.
+ai Adds an inherited entry.
-a Removes an entry from the ACL.
Permission Description
delete Grants permission to delete the item.
readattr Reads an object’s basic attributes.
read Reads the object.
write Writes to the object.
writeattr Writes an object’s basic attributes.
readextattr Reads extended attributes.
writeextattr Writes extended attributes.
readsecurity Reads an object’s extended security information (ACL).
writesecurity Writes an object’s security information (ACL).
chown Changes an object’s ownership.
Permission Description
list Lists entries.
add_file Adds a file.
add_sudirectory Adds a subfolder.
delete_child Deletes an object.