AIX native ACLs – a primer

The triplets of read, write and execute associated with a file object have been around as long as UNIX. To say that today their usefulness has depreciated is nothing but an understatement. Still, despite the amount of time that has passed since UNIX's introduction, many sites rely on nothing but rwx to set access privileges, which results (often and frequently) in file systems/directories being wide open to access by all who can log into the host. Why? Often because of a “conflict of interests”; initially we create numerous groups with the best of intentions, which we assign to their respective file systems, only to quickly yield to the business requirements dictating that the members of one group also be able to access the files in the other file system, and so forth and so forth. I do think that currently the usefulness of the original triplets rwx.

Well, regardless of who is right and who is not, I want to suggest you introduce yourselves to AIX ACLs, RBAC and maybe even to NFS v.4 ACLs (who knows, maybe this is God's gift to AIX administrators?). This post will try to introduce you to AIX's own ACLs, which deliver more granular control over file objects. Note that NFS v.4 ACLs deliver far more granular control than AIX native ACLs.

Copyright © 2016 - 2017 Waldemar Mark Duszyk. All Rights Reserved. Created by Blog Copyright.