Differences
This shows you the differences between two versions of the page.
|
acl [2013/08/22 15:02] |
acl [2013/08/22 15:02] (current) |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | ====== Access Control List ====== | ||
| + | ACL is used for setting fine permissions beyond the simple octal modes of Linux. | ||
| + | |||
| + | For it to work properly, the kernel needs to be compiled with ACL support for the filesystem being used, and then loaded as an option in ''/etc/fstab'' You can see if a partition has ACL support or not by executing ''mount'' | ||
| + | |||
| + | Optionally, remount a partition to add ACL support: | ||
| + | |||
| + | <code>mount -o remount,acl <device></code> | ||
| + | |||
| + | ==== Giving Apache Write Access ==== | ||
| + | |||
| + | To give Apache write access to a directory (fex: uploads), you can run this to set the permissions correctly: | ||
| + | |||
| + | <code> | ||
| + | sudo setfacl -Rm g:www-data:rwx directory/ | ||
| + | sudo setfacl -Rm d:g:www-data:rwx directory/ | ||
| + | </code> | ||
| + | |||
| + | The first line gives any user in the apache group read, write and execute access to that directory. It also applies recursively. | ||
| + | |||
| + | The second line specifies that any directories or files created in that directory will inherit those same settings. | ||
| + | ==== New Development Site ==== | ||
| + | |||
| + | After creating a directory on ''tahiti'', run this command using sudo to give all programmers read/write access recursively to the directory: | ||
| + | |||
| + | <code> | ||
| + | sudo /usr/local/bin/newacl -g programmers <directory> | ||
| + | </code> | ||
