Quickly read POSIX ACLs to audit who can access files and directories. 17.03.2026 | reading time: 2 min When standard file mode bits are not enough, `getfacl` reveals extended POSIX ACLs so you can answer who actually has access to a file or directory, quickly and reliably. Hands-on example Create a file and grant a specific user extra rights, then inspect the ACL: `touch report.txt`; `setfacl -m u:alice:rwx report.txt`; `getfacl report.txt` Output: `# file: report.txt` `# owner: trainer` `# group: trainers` `user::rw-` `user:alice:rwx` `group::r--` `mask::rwx` `other::r--`. Interpreting the output Read the lines from top to bottom: the header shows file, owner and group; `user::` and `group::` are the base owner/group permissions; named `user:alice:` entries are the ACL additions; `mask` limits ACL-granted permissions; `other` is for everyone else; default ACLs appear on directories and propagate to new entries. Practical uses and options Use `getfacl` to audit permissions before backups, deployments or security reviews; add `-R` to traverse directories and `-n` to show numeric IDs when name resolution obscures results; remember that ACLs complement, not replace, standard mode bits. Tools that complete the workflow To change ACLs use `setfacl`, to view classic permissions use `ls -l`, and to inspect inode and mount details use `stat`, all of which help you correlate ACL entries with filesystem state. Wrap-up and next steps Mastering `getfacl` makes permission audits precise and repeatable; pursue deeper skills and consider exam preparation like CompTIA Linux+ or LPIC-1, and check bitsandbytes.academy for intensive hands-on review. Join Bits & Bytes Academy First class LINUX exam preparation. filesystem utilities security
