nfs4_setfacl command examples

nfs4_setfacl command examples

nfs4_setfacl, nfs4_editfacl – manipulate NFSv4 file/directory access control lists

Assume that the file `foo’ has the following NFSv4 ACL for the following examples:



– add ACE granting `’ generic “read” and “execute” access (defaults to prepending ACE to ACL):

$ nfs4_setfacl -a foo

– add the same ACE as above, but using aliases:

$ nfs4_setfacl -a foo

– edit existing ACL in a text editor and set modified ACL on clean save/exit:

$ nfs4_setfacl -e foo

– set ACL (overwrites original) to contents of a spec_file named `newacl.txt’:

$ nfs4_setfacl -S newacl.txt foo

– recursively set the ACLs of all files and subdirectories in the current directory, skipping all symlinks encountered, to the ACL contained in the spec_file named `newacl.txt’:

$ nfs4_setfacl -R -P -S newacl.txt *

– delete the first ACE, but only print the resulting ACL (does not save changes):

$ nfs4_setfacl --test -x 1 foo

– delete the last two ACEs above:

$ nfs4_setfacl -x A::EVERYONE@rtncy,D::EVERYONE@:waxTC foo

– modify (in-place) the second ACE above:

$ nfs4_setfacl -m D::OWNER@:x D::OWNER@:xo foo

– set ACLs of `bar’ and `frobaz’ to ACL of `foo’:

$ nfs4_getfacl foo | nfs4_setfacl -S - bar frobaz


Leave a Reply

Your email address will not be published. Required fields are marked *