One thing we didn't cover in this section were access control lists (ACLs) that can be used to further extend a file's permissions.

Start by putting a small command in our permissionfile to make it execute something:

$ echo "printf 'Fire indeed hot'" > permissionfile

Say we want to view our entire access control list for a file; we would use getfacl:

$ getfacl permissionfile # file: permissionfile# owner: vagrant# group: rootuser::rw-group::r-xother::rw-

Here, we can see the owner is vagrant, and the user has rw.

But, what if we wanted Packt to be able to execute the file, without impacting the other permissions? At the moment, Packt can't because it's not in the root group.

One potential solution is setfacl:

$ setfacl -m u:packt:rwx ...