Data Sharing for Project Members

ACL

To share files or directories, ACLs (access control lists) have to be set.

The extended permissions can be quieried with the following command:

getfacl <FILE>

Examples

Granting read access to the “./PROJECT/DATA” directory for user “alice”

setfacl -m u:alice:rx ./PROJECT/DATA

Granting read-write access (and execute permission if the file is a directory or already has execute permission for some user) recursively for all subdirectories and files under “./PROJECT/DATA” for user “alice”:

setfacl -R -m u:alice:rwX ./PROJECT/DATA

Remove permissions of other users (not listed in other ACL entries):

setfacl -m o::--- ./PROJECT/DATA

Revoking permissions of “alice” recursively by removing the ACL entry:

setfacl -R -x u:alice ./PROJECT/DATA

Further information can be found in the manpages for getfacl, setfacl and acl.