Darren Provine at Rowan University

Working With Access Control Lists

ACLs allow fine-grained control over permissions. For students working on projects together, the easiest thing to do is set an ACL for a directory, and make all the files in the directory mode 664 (or similar appropriate value). The ACL keeps others out of the directory, and you don't have to individually protect everything inside.

The simplest way to work with ACLs on Elvis directories is to:

1. Create the directory.
2. chmod the directory to 700.
3. run setfacl -m mask:rwx
4. For each user, run setfacl -m user:homer:rwx dirname

You can delete someone from the ACL by using the -d flag. You can clear all old ACL information and set a new one with the -s flag. For further details, see the man page.

A standard setup is to set up a CVS repository for the project's files, set an ACL on the repository directory, and then everyone can use CVS to work with the files.