Display ACL entries for a file by using the getfacl command.
$ getfacl [-a | -d] filename ... |
-a |
Displays the file name, file owner, file group, and ACL entries for the specified file or directory. |
-d |
Displays the file name, file owner, file group, and default ACL entries for the specified directory. |
filename ... |
Specifies one or more files or directories, separated by a space. |
If you specify multiple file names on the command line, the ACL entries are displayed with a blank line between each entry.
The following example shows all the ACL entries for the ch1.doc file. The #effective: note beside the user and group entries indicates what the permissions are after being modified by the ACL mask.
$ getfacl ch1.doc # file: ch1.doc # owner: nathan # group: sysadmin user::rw- user:george:r-- #effective:r-- group::rw- #effective:rw- mask:rw- other:--- |
The following example shows the default ACL entries for the book directory.
$ getfacl -d book # file: book # owner: nathan # group: sysadmin user::rwx user:george:r-x #effective:r-x group::rwx #effective:rwx mask:rwx other:--- default:user::rw- default:user:george:r-- default:group::rw- default:mask:rw- default:other:--- |