Overview of Access Control List (ACL) in AIX


Access Control Lists form the core of protection of file system objects. Each file system object is uniquely associated with one piece of data, called ACL, that defines the access rights to the object. ACL could consist of multiple Access Control Entries (ACEs), each defining one particular set of access rights for a user. Typically ACE consists of information such as identification (to whom this ACE applies) and access rights (allow-read, deny-write). Note that ACE might also capture information such as inheritance flags and alarm and audit flags. The format and enforcement of ACL data is entirely dependent on the ACL type in which they are defined. AIX provides for the existence of multiple ACL types on the operating systems. The list of ACLs supported by a file system instance is dependent on the physical file system implementation for that file system instance. 

aclget command displays the access control list settings information of any file in AIX.

Also Read: Storage Area Network (SAN) Basic Free Tutorials
Description
The aclget command writes the access control information of the file specified by the FileObject parameter to standard output or to the file specified by the OutAclFile parameter.
The information that you view depends on the ACL type and typically includes the Access Control Entries (ACEs) depicting the access rights of the users in the system, including the owner of the file object.
Syntax
aclget [ -o OutAclFile ] [ -v ]FileObject
Flags
-o OutAclFile         Specifies that the access control information be written to the file specified by the                                    OutFile parameter.

-v                            Displays the ACL information in Verbose mode. Comment lines will be added to                                    explain more details about the ACL associated with the FS object. These comment                                  lines are generated when the command is executed and do not reside anywhere                                        persistently.


Also Read: Frequently Asked Interview Questions and Answers 
Examples
  1. To display the access control information for the status file, enter:
    aclget  status
    An access control list appears, similar to the example in Access Control Lists.
  2. To copy the access control information of the plans file to the status file, enter:
    aclget  plans  |  aclput  status
    This copies the access control information. In most cases, the ACL type associated with plans will be the ACL type of ACL associated with the target status. However, it is possible that the target file system does not support the ACL type associated with file system object plans. In this case, the operation will fail and an error message is displayed. The target will retain its original associated ACL.
  3. To save the access control information of the plans file in the acl1 file to edit and use later, enter:

    aclget   -o  acl1  plans 




What Others are Reading Now...

0 Comment to "Overview of Access Control List (ACL) in AIX"

Post a Comment