8.4. Retrieving ACLs

8.4. Retrieving ACLs

To determine the existing ACLs for a file or directory, use the getfacl command. In the example below, the getfacl is used to determine the existing ACLs for a file.

getfacl home/john/picture.png

The above command returns the following output:

# file: home/john/picture.png 
# owner: john 
# group: john 
user::rw- 
group::r-- 
other::r--

If a directory with a default ACL is specified, the default ACL is also displayed as illustrated below.

[john@main /]$ getfacl home/sales/
# file: home/sales/ 
# owner: john 
# group: john 
user::rw- 
user:barryg:r-- 
group::r-- 
mask::r-- 
other::r-- 
default:user::rwx 
default:user:john:rwx 
default:group::r-x 
default:mask::rwx 
default:other::r-x