The NFS 4 ACL Tool allows setting Access Control Lists (ACLs) on NFS version 4 filesystems. It's similar in usage to the POSIX ACL Tool.
Install NFS 4 ACL Tool on NFS Clients
On NFS clients that mount NFS shares with NFSv4, install the tool:
[root@node01 ~]# dnf -y install nfs4-acl-tools
Display ACL of Files/Directories
Show ACL of a file or directory on NFSv4 filesystem:
[root@node01 ~]# nfs4_getfacl /mnt/test.txt
[root@node01 ~]# nfs4_getfacl /mnt/testdir
Description of ACE (Access Control Entry) components:
Add or Delete ACE
Add generic read/execute permissions for a user to a file:
[root@node01 ~]# nfs4_setfacl -a A::cent@emc.world:rxtncy /mnt/test.txt
Delete specific permissions for a user from a file:
[root@node01 ~]# nfs4_setfacl -x A::1000:rxtcy /mnt/test.txt
Edit ACL Directly
Directly edit the ACL using an editor:
[root@node01 ~]# nfs4_setfacl -e /mnt/test.txt
Add ACE from a File
Add ACL entries from a file:
[root@node01 ~]# nfs4_setfacl -A acl.txt /mnt/test.txt
Replace Current ACE with New ACE
Replace the entire ACL with new entries from a file:
[root@node01 ~]# nfs4_setfacl -S acl.txt /mnt/test.txt
Replace Specific ACE
Replace a specific ACE with a new one:
[root@node01 ~]# nfs4_setfacl -m A::EVERYONE@:tcy A::EVERYONE@:RX /mnt/test.txt
The NFS 4 ACL Tool offers flexible management of access permissions on NFSv4 filesystems, making it a vital tool for NFS administrators.