NFSv4 Access Control Lists

Revision as of 19:47, 13 September 2016 by Phil.cs.jhu.edu (talk | contribs) (Created page with "Access Control Lists (ACLs) are a way of modifying file permissions in a way that is far more granular and flexible than Unix File Permission Primer|standard Unix file permi...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Access Control Lists (ACLs) are a way of modifying file permissions in a way that is far more granular and flexible than standard Unix file permissions. Unfortunately, ACLs are also more complex and can lead to very confusing situations if you're not careful. Consequently, we don't recommend using ACLs unless you find yourself in a situation that cannot work with the standard permission model. (When in doubt, you can always email support@cs.jhu.edu for help with our systems.)

There are two types of ACLs in use on our systems. This page covers NFSv4 ACLs, which are used on our graduate Linux clients. For our undergrad Linux clients, please see the page on POSIX Access Control Lists.

Unfortunately, we haven't had time yet to fully document NFSv4 ACLs on our systems, especially since the standard permissions work in a vast majority of cases. The ACLs are accessed via the nfs4_getfacl and nfs4_setfacl programs; interested parties are encouraged to read their man pages.