Managing Systems and Workgroups: A Guide for HP-UX System Administrators
Administering a System: Managing System Security
Managing Access to Files and Directories
Chapter 8 761
NOTE Further details about the use of the getacl and setacl commands are
in “Changing the JFS Access Control List of a File with setacl” on
page 767. See also getacl (1) and setacl (1).
Consider a file, exfile, with read-only (444) permissions and a minimal
JFS ACL. ls -l shows the permissions for exfile as:
$ls -l exfile
-r--r--r-- 1 jsmith users 12 Sep 20 15:02 exfile
getacl lists the following output for exfile:
Example 8-4 getacl Output for exfile, a Minimal JFS ACL
$ getacl exfile
# file: exfile
# owner: jsmith
# group: users
user::r--
group::r--
class:r--
other:r--
Using chmod to add write permissions to exfile changes both the
owning group and the class ACL entries:
Example 8-5 getacl Output for exfile, Showing Effect of chmod
$ chmod 666 exfile
$ getacl exfile
# file: exfile
# owner: jsmith
# group: users
user::rw-
group::rw-
class:rw-
other:rw-
Now we add some additional user and group entries, which will affect the
class ACL entry, but not the owning group entry. The first setacl
command below grants read-only permission to user guest; the other