Unix/Linux permission modes are very simple; they don’t cover all security needs. But, because they are simple, they are actually used, which is more than can be said for many other access control technologies.
But sometimes permissions just don’t cut it, and a better system of discretionary access control is needed. Access control lists (ACLs) enable you to specify exactly which users and groups can access a file and in what ways.
In order to use ACLs on a filesystem, that filesystem must be mounted with the acl mount option. To check whether this option is active, use the mount command:

    /dev/mapper/main-root on / type ext3 (rw)
    proc on /proc type proc (rw)
    sysfs on /sys type sysfs (rw)
    devpts on /dev/pts type devpts (rw,gid=5,mode=620)
    /dev/hdc2 on /boot type ext3 (rw)
    tmpfs on /dev/shm type tmpfs (rw)
    /dev/mapper/main-home on /home type ext3 (rw)
    none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
    sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
    automount(pid10695) on /net type autofs (rw,fd=4,pgrp=10695,minproto=2,maxproto=4)
If you kept the default volume group and logical volume names during installation, you may see device paths such as /dev/mapper/VolGroup00-LogVol01.
The mount options are shown in parentheses; none of these filesystems were mounted with the acl option.
To add the acl mount option to a filesystem that is already mounted, use the mount command with the remount option:

    mount -o remount,acl
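The check described above, reading the parenthesised option list that mount prints, can be scripted. This is an added example, not part of the original text; the function names and the /srv entry in the sample are constructed for illustration.

```shell
#!/bin/sh
# Added example: report which mounted filesystems list the acl option.

# Constructed sample: lines from the listing above plus one hypothetical
# acl-mounted entry (/srv) so both outcomes are visible.
sample_mounts() {
cat <<'EOF'
/dev/mapper/main-root on / type ext3 (rw)
proc on /proc type proc (rw)
/dev/hdc2 on /boot type ext3 (rw)
/dev/mapper/main-home on /home type ext3 (rw)
automount(pid10695) on /net type autofs (rw,fd=4,pgrp=10695,minproto=2,maxproto=4)
/dev/mapper/main-srv on /srv type ext3 (rw,acl)
EOF
}

# acl_report: reads mount output on stdin and prints
# "<mountpoint> <fstype> acl|no-acl" for every line.
acl_report() {
    while IFS= read -r line; do
        # The options are the last parenthesised group on the line.
        opts=${line##*\(}
        opts=${opts%\)*}
        # Drop the options, then split "<device> on <mountpoint> type <fstype>".
        rest=${line% \(*}
        fstype=${rest##* type }
        rest=${rest% type *}
        mp=${rest#* on }
        # Match acl as a whole comma-separated option, so "noacl" does not count.
        case ",$opts," in
            *,acl,*) state=acl ;;
            *)       state=no-acl ;;
        esac
        printf '%s %s %s\n' "$mp" "$fstype" "$state"
    done
}

# missing_acl <fstype>: mount points of that type whose options lack acl.
# Assumes mount points contain no spaces.
missing_acl() {
    acl_report | awk -v t="$1" '$2 == t && $3 == "no-acl" { print $1 }'
}

# Demonstration on the constructed sample; on a live system: mount | missing_acl ext3
sample_mounts | acl_report
```

A filesystem can also have ACLs enabled through default mount options that this listing does not show, so a mount point reported here is a prompt to check further, not proof that ACLs are unavailable.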