Datasheet
“main” (Installation and Administration) — 2004/6/25 — 13:29 — page 699 — #725
i
i
i
i
i
i
i
i
27
Access Control Lists in Linux
27.3.2 ACL Entries and File Mode Permission Bits
Figure 27.1 and Figure 27.2 illustrate the two cases of a minimum ACL
and an extended ACL. The figures are structured in three blocks — the left
block shows the type specifications of the ACL entries, the center block dis-
plays an example ACL, and the right block shows the respective permis-
sion bits according to the conventional permission concept as displayed by
ls -l, for instance. In both cases, the owner class permissions are mapped
to the ACL entry owner. Equally, other class permissions are mapped to the
respective ACL entry. However, the mapping of the group class permissions
is different in the two cases.
Figure 27.1: Minimum ACL: ACL Entries Compared to Permission Bits
In the case of a minimum ACL — without mask — the group class permis-
sions are mapped to the ACL entry owning group. This is shown in Fig-
ure 27.1. In the case of an extended ACL — with mask — the group class per-
missions are mapped to the mask entry. This is shown in Figure 27.2.
Figure 27.2: Extended ACL: ACL Entries Compared to Permission Bits
699SUSE LINUX Enterprise Server