How do I know ACLs are supported on my file system?
Solution 1
If you're talking about a mounted filesystem, I don't know of any intrinsic way to tell whether ACL are possible. Note that “are ACL supported?” isn't a very precise question since there are several types of ACL around (Solaris/Linux/not-POSIX-after-all, NFSv4, OSX, …). Note that getfacl
is useless as a test since it will happily report Unix permissions if that's all there is: you need to try setting an ACL to test.
Still on mounted filesystem, you can check for the presence of acl
in the mount options (which you can find in /proc/mount
). Note that this isn't enough: you also need to take the kernel version and the filesystem type in consideration. Some filesystem types always have ACL available, regardless of mount options; this is the case for tmpfs, xfs and zfs. Some filesystems have ACL unless explicitly excluded; this is the case for ext4 since kernel 2.6.39.
Solution 2
To know if ACL is available you can:
Check current kernel version and filesystem:
uname -r
df -T
ormount | grep root
Recent distro have ACL mount option included by default (since kernel 2.6). So it's not mandatory to redefine it in /etc/fstab (or similar). Non exhaustive list of filesystems concerned: ext3, ext4, tmpfs, xfs and zfs .
If you have older setup then you may have to recompile the kernel and/or add acl in/etc/fstab
.
fstab example:/dev/root / ext4 acl,errors=remount-ro 0 1
Look for existing ACL settings (the "usual" config place is on /boot):
sudo mount | grep -i acl #optionnal
cat /boot/config* | grep _ACL
Depending of the system you could find the settings in/proc
instead. Here is a way to extract the config from the .gz archive and then search for acl settings:cat /proc/config.gz | gunzip > running.config && grep -i 'acl' running.config
cat running.config | grep _ACL
You should see something like:CONFIG_EXT3_FS_POSIX_ACL=y
CONFIG_EXT2_FS_POSIX_ACL=y
CONFIG_XFS_POSIX_ACL=y
For the filesystem you can try to get more info with:sudo tune2fs -l /xxx/xxx| grep 'Default mount options:'
(replace xxx/xxx by your filesystem)
--
Helpfull information can be found on:
- superuser.com,
- serverfault,
- bencane.com,
- wiki.archlinux.org
Solution 3
acl should be enabled as default if you are using ext2/3/4 or btrfs.
Check with:
tune2fs -l /dev/sdXY | grep "Default mount options:"
If it isn't in the output do a:
tune2fs -o acl /dev/sdXY
Related videos on Youtube
0xC0000022L
human father bibliophile geek & ~nerd misanthropic philanthropist skeptic code necromancer programmer reverse engineer (RCE) / software archaeologist / grayhat hacker moderator on reverseengineering system administrator FLOSS enthusiast Debian, FreeBSD and Ubuntu aficionado
Updated on September 18, 2022Comments
-
0xC0000022L over 1 year
Is it enough to see
getfacl
giving no error, or do I have to check some other place to see whether or not ACLs are supported by the file systems? -
Cthulhu Tentacles over 9 years
grep acl /etc/mke2fs.conf
will do it too. -
0xC0000022L over 9 yearsas for the
getfacl
test you're right. Except if I were able to find a non-default ACL (by suppressing default ones and header). Checking/proc/mount
doesn't appear to be enough in cases where theacl
option is a default option not coming from the mount command orfstab
, though. -
CMCDragonkai almost 8 yearsI noticed when running ZFS on Linux, with
acltype=posixacl
, the/proc/mounts
will showposixacl
, but in another system with just ext4, there's nothing inside/proc/mounts
, butacl
was a default mount option for ext4.