Add Linux ACL guide

guides/index.html

@@ -40,6 +40,7 @@
 				</ul>
 				<h2>2024</h2>
 				<ul>
+					<li><a href="/guides/linux-acl.html">Linux Access Control Lists (ACL)</a> - 20/09/2024</li>
 					<li><a href="/guides/docker-install.html">Docker Install</a> - 16/09/2024</li>
 					<li><a href="/guides/linux-file-permissions.html">Linux File Permissions</a> - 14/09/2024</li>
 				</ul>

guides/linux-acl.html

@@ -0,0 +1,93 @@
+<!DOCTYPE html>
+<html lang="en">
+	<head>
+		<meta charset="utf-8">
+		<meta name="viewport" content="width=device-width, initial-scale=1">
+		<meta name="description" content="A guide to adding a free SSL certificate to your website(s) using cerbot, and automatically renewing them">
+		<meta name="keywords" content="Blog, articles, guide, certbot, SSL, secure certificate, website">
+		<meta name="author" content="Nathan (Aney) Steel">
+		<meta name="theme-color" content="white">
+		<meta name="theme-color" content="black">
+		<link rel="stylesheet" type="text/css" href="/main.css">
+		<link rel="icon" type="image/png" href="/images/favicon.svg">
+		<title>Linux Access Control Lists (ACL)</title>
+	</head>
+
+	<body>
+		<header>
+			<a href="#main" class="vh">Jump directly to main content</a>
+			<h1>Linux Access Control Lists (ACL)</h1>
+			<input id="burger-toggle" type="checkbox"/>
+			<label class="burger-container" for="burger-toggle"><div class="burger"></div><span class="sr">Burger menu</span></label>
+			<hr/>
+			<nav>
+				<a href="/">home</a>
+				<a href="/about.html">about</a>
+				<a href="/projects.html">projects</a>
+				<a href="/blog/">blog</a>
+				<a href="/sitemap.html">misc</a>
+				<a href="/support.html">support</a>
+			</nav>
+			<hr/>
+		</header>
+
+		<main id="main">
+			<section>
+				<p>Sometime linux filesystem permissions and ownership can only get you so far, for more complicated, or fine-tuned permissions we'll to use need another method, ACLs.</p>
+				<p>If you don't know much about linux file permissions I recommend you check my first guide on <a href="/guides/linux-file-permissions.html" rel="noopener">Linux File Permissions</a> first, as this guide will only be covering the how-to, and not the why.</p>
+
+				<h2>What are ACLs?</h2>
+				<p>Access Control Lists, ACL for short are essentially a filter that can be set for files and directories to allow/disallow permissions for multiple users and groups without the need to change ownerships.</p>
+
+				<h3>Install ACL</h3>
+				<pre><code>sudo apt install acl</code></pre>
+
+				<h2>Create ACL Entries/Permissions</h2>
+
+				<h3>Directory ACL</h3>
+				<p>Like default linux permissions, the same deal applies for u,g,o/rwx. 
+				 The main difference being that alternate users/groups can be defined by name such as <code>u:username:rw</code>, and <code>g:groupname:x</code>.</p>
+				<pre><code>setfacl -dm "u:user:rwx" DIRECTORY # New Files
+setfacl --recursive -m "u:user:rwx" DIRECTORY # Existing Files</code></pre>
+				<p>The above will change the permissions for the directory, and any new children created within it to be rwx for the user "user". The second part of the above will then change all existing child files/directories of the directory to those same ACL permissions.</p>
+
+				<h3>File ACL</h3>
+				<p>Much like directory ACL, except for files. Any standalone files, or those within directories with an ACL set.</p>
+				<pre><code>setfacl -m "u:user:rwx" FILENAME</code></pre>
+
+
+				<h2>View ACL Entries</h2>
+				<p>Sometimes you need to check the permissions, and a <code>ls -l</code> will no longer cut it with ACL in use, so <code>getfacl</code> should be used.</p>
+				<pre><code>getfacl FILENAME</code></pre>
+				<p>The above will show something along the lines of:</p>
+				<pre><code># file: FILENAME
+# owner: root
+# group: root
+user::rwx
+user:user:rwx
+group::r-x
+mask::rwx
+other::r-x</code></pre>
+
+				<p>The <code>owner</code>, <code>group</code>, <code>user::</code>, <code>group::</code>, and <code>other::</code>, are self-explanitory as they're basic <a href="/guides/linux-file-permissions.html"  rel="noopener">Linux File Permission</a> bits 'n' bobs.</p>
+				<p><code>mask::rwx</code> sets the maximum permissions that can be used for the other user/groups that aren't the owners. So having rwx allows different user/groups to be able to have all permissions.</p>
+				<p><code>user:user:rwx</code> shows that the user "user" has rwx permissions for the file.</p>
+
+				<h2>Remove ACL Entries</h2>
+
+				<p>If you're don't want the ACLs anymore, you can always remove them for a file/directory. Adding <code>-R</code> to the command will recursively remove ACL from any children too.</p>
+				<pre><code>setfacl -b FILENAME</code></pre>
+
+				<h3>Remove ACL entry for a specific user/group</h3>
+				<pre><code>setfacl -x "u:user" FILENAME</code></pre>
+
+			</section>
+		</main>
+
+		<footer>
+			<hr/>
+			<p>Written by <a href="https://aney.co.uk" target="_blank" rel="noopener">@aney</a> with <a href="https://danluu.com/web-bloat/" target="_blank" rel="noopener">web bloat</a> in mind | <a href="https://github.com/Aney/website" target="_blank" rel="noopener">Source Code</a></p>
+		</footer>
+	</body>
+</html>
+

guides/linux-file-permissions.html

@@ -101,6 +101,9 @@ chmod o+r FILENAME</code></pre>
 				<p>The <code>chmod</code> command can also be used on directories. The following example will give all permissions to all users for that directory, and all its child files/directories.</p>
 				<pre><code>chmod a=rwx directoryName -R</code></pre>
 
+				<h2>Extra</h2>
+				<p><a href="/guides/linux-acl.html">Access Control Lists (ACL) Permissions</a> for a guide to access control lists.</p>
+
 			</section>
 		</main>