BSD DevCenter
oreilly.comSafari Books Online.Conferences.

advertisement

BSD Content

All Articles

Big Scary Daemons

Free BSD Basics

OpenBSD Explained

Securing Small Networks


BSD Topics

Administration

Application Development

Archiving

Community

Compatibility Issues

Email

Firewalls

FreeBSD

Getting Started

Kernel

NetBSD

Networking

OpenBSD

Security

Web Design and Development


ONLamp Subjects

Linux

Apache

MySQL

Perl

PHP

Python

BSD


Using FreeBSD's ACLs
Pages: 1, 2, 3, 4, 5, 6

Installing the GUI

If you do a Google search for "FreeBSD acl," you'll find several articles and how-tos. Each of these gives examples on using the main ACL command line utilities, getfacl and setfacl, such as Greg Czaplinski's excellent Working with ACLs in FreeBSD 5.x.



While getfacl is straightforward, the syntax for setfacl can get a bit hairy--more than enough to scare off most of your users. Here, a GUI is beneficial, as it allows users to easily determine and control who has what permissions.

eiciel provides an intuitive GUI and is available as a FreeBSD package or port. It also works on Linux systems and is a part of the Nautilus file manager, which among other things adds a properties sheet to files, allowing a user to easily view and manage file permissions, icons, and the Open With utility.

You can quickly add the binary package using:

# pkg_add -r eiciel

Once you have installed the package, leave the superuser account and enter an X session as a regular user.

Accessing the GUI

There are two ways to access the newly installed ACL GUI. One is to start nautilus; see Figure 1. The user dru has three files in her home directory called test, file1, and myfile. Figure 2 shows what happens when the user right-clicks on test and selects Properties from the menu.

viewing files in Nautilus
Figure 1. Viewing files in Nautilus

viewing file properties in Nautilus
Figure 2. Viewing file properties in Nautilus

The eiciel installation has added an Access Control List tab to Nautilus. You can see from the figure that this tab provides a GUI representation of the following permission set:

% ls -l test
-rw-r--r--  1 dru  dru  0 Jul 27 09:09 test

The other method is to start eiciel directly (Figure 3). Click on the Open button to select the test file (Figure 4), which will show the ACLs window (Figure 5).

starting eiciel directly
Figure 3. Starting eiciel directly

opening a file in eiciel
Figure 4. Opening a file in eiciel

editing ACLs in eiciel
Figure 5. Editing ACLs in eiciel

I prefer to use the nautilus method, as it also includes the Permissions tab, which allows me to view and change:

  • the file owner
  • the file group, including a tab to scroll through groups dru is a member of; similar to chgrp
  • special flags, to control SUID, SGID, and sticky bit
  • the text view, similar to ls -l
  • the number view; in this case, 644

Pages: 1, 2, 3, 4, 5, 6

Next Pagearrow

Recommended for You

Sponsored by: