Using FreeBSD's ACLs
Installing the GUI

If you do a Google search for "FreeBSD acl," you'll find several articles and how-tos, such as Greg Czaplinski's excellent Working with ACLs in FreeBSD 5.x. Each gives examples of using the main ACL command-line utilities, getfacl and setfacl.

While getfacl is straightforward, the syntax for setfacl can get a bit hairy--more than enough to scare off most of your users. Here, a GUI is beneficial, as it allows users to easily determine and control who has what permissions.

eiciel provides an intuitive GUI and is available as a FreeBSD package or port. It also works on Linux systems and is a part of the Nautilus file manager, which among other things adds a properties sheet to files, allowing a user to easily view and manage file permissions, icons, and the Open With utility.

You can quickly add the binary package using:

# pkg_add -r eiciel

Once you have installed the package, leave the superuser account and enter an X session as a regular user.

Accessing the GUI

There are two ways to access the newly installed ACL GUI. One is to start nautilus; see Figure 1. The user dru has three files in her home directory called test, file1, and myfile. Figure 2 shows what happens when the user right-clicks on test and selects Properties from the menu.

Figure 1. Viewing files in Nautilus

Figure 2. Viewing file properties in Nautilus

The eiciel installation has added an Access Control List tab to Nautilus. You can see from the figure that this tab provides a GUI representation of the following permission set:

% ls -l test
-rw-r--r--  1 dru  dru  0 Jul 27 09:09 test

The other method is to start eiciel directly (Figure 3). Click on the Open button to select the test file (Figure 4), which will show the ACLs window (Figure 5).

Figure 3. Starting eiciel directly

Figure 4. Opening a file in eiciel

Figure 5. Editing ACLs in eiciel

I prefer to use the nautilus method, as it also includes the Permissions tab, which allows me to view and change:

  • the file owner
  • the file group, including a tab to scroll through groups dru is a member of; similar to chgrp
  • special flags, to control SUID, SGID, and sticky bit
  • the text view, similar to ls -l
  • the number view; in this case, 644
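The text view, the number view, the special flags, and the base entries on the Access Control List tab are all renderings of the same mode bits. The sh functions below are an added example, not part of the original article or of eiciel; the function names are hypothetical, and the handling of a trailing "+" assumes POSIX.1e ACLs.

```sh
# Added example: relate an ls -l mode string to the number view and base ACL.
# Function names are hypothetical; input is the first field of ls -l output.

# triad_bits "rw-" -> 6 (r=4, w=2, x=1). Lowercase s/t imply execute as well
# as the special bit; uppercase S/T mean the special bit without execute.
triad_bits() {
    n=0
    case $1 in r??) n=$((n + 4)) ;; esac
    case $1 in ?w?) n=$((n + 2)) ;; esac
    case $1 in ??[xst]) n=$((n + 1)) ;; esac
    echo "$n"
}

# triad_acl "rws" -> "rwx": ACL entries carry only r, w and x.
triad_acl() {
    printf '%s\n' "$1" | sed -e 's/[st]$/x/' -e 's/[ST]$/-/'
}

# field MODE FIRST-LAST -> the characters at those positions.
field() {
    printf '%s\n' "$1" | cut -c"$2"
}

# number_view "-rw-r--r--" -> 0644. Leading digit: SUID=4, SGID=2, sticky=1.
number_view() {
    u=$(field "$1" 2-4); g=$(field "$1" 5-7); o=$(field "$1" 8-10)
    sp=0
    case $u in ??[sS]) sp=$((sp + 4)) ;; esac
    case $g in ??[sS]) sp=$((sp + 2)) ;; esac
    case $o in ??[tT]) sp=$((sp + 1)) ;; esac
    echo "$sp$(triad_bits "$u")$(triad_bits "$g")$(triad_bits "$o")"
}

# base_acl MODE -> the three base entries in getfacl's notation. A trailing "+"
# means the file has extended entries (POSIX.1e ACLs assumed); the middle triad
# then shows the ACL mask rather than the owning group's entry, hence mask::.
base_acl() {
    mid=group
    case $1 in ??????????+) mid=mask ;; esac
    echo "user::$(triad_acl "$(field "$1" 2-4)")"
    echo "${mid}::$(triad_acl "$(field "$1" 5-7)")"
    echo "other::$(triad_acl "$(field "$1" 8-10)")"
}

# The test file from the article: prints 0644, then user::rw-, group::r--, other::r--.
number_view -rw-r--r--
base_acl -rw-r--r--
```

When auditing permissions, a "+" after the mode string is the cue to run getfacl, because the group column no longer tells you what the owning group can actually do.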

