Differences
This shows you the differences between two versions of the page.
acl [2013/08/22 15:02] |
acl [2013/08/22 15:02] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Access Control List ====== | ||
+ | ACL is used for setting fine permissions beyond the simple octal modes of Linux. | ||
+ | |||
+ | For it to work properly, the kernel needs to be compiled with ACL support for the filesystem being used, and then loaded as an option in ''/etc/fstab'' You can see if a partition has ACL support or not by executing ''mount'' | ||
+ | |||
+ | Optionally, remount a partition to add ACL support: | ||
+ | |||
+ | <code>mount -o remount,acl <device></code> | ||
+ | |||
+ | ==== Giving Apache Write Access ==== | ||
+ | |||
+ | To give Apache write access to a directory (fex: uploads), you can run this to set the permissions correctly: | ||
+ | |||
+ | <code> | ||
+ | sudo setfacl -Rm g:www-data:rwx directory/ | ||
+ | sudo setfacl -Rm d:g:www-data:rwx directory/ | ||
+ | </code> | ||
+ | |||
+ | The first line gives any user in the apache group read, write and execute access to that directory. It also applies recursively. | ||
+ | |||
+ | The second line specifies that any directories or files created in that directory will inherit those same settings. | ||
+ | ==== New Development Site ==== | ||
+ | |||
+ | After creating a directory on ''tahiti'', run this command using sudo to give all programmers read/write access recursively to the directory: | ||
+ | |||
+ | <code> | ||
+ | sudo /usr/local/bin/newacl -g programmers <directory> | ||
+ | </code> |