If you’re worried about the file permissions on your Linux system being changed, it’s possible to back up the file permissions of a certain set of files or directories with the getfacl command. You can then restore file permissions en masse by using the setfacl command.
In this guide, we’ll show how to make a backup snapshot of file permissions, as well as how to restore the saved permissions.
In this tutorial you will learn:
- How to create a backup of file permissions
- How to restore a backup of file permissions
| Category | Requirements, Conventions or Software Version Used |
|---|---|
| System | Any Linux distro |
| Software | getfacl |
| Other | Privileged access to your Linux system as root or via the sudo command. |
| Conventions |
# – requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command$ – requires given linux commands to be executed as a regular non-privileged user |
Create backup of file permissions
Check out some of the command line examples below to learn the getfacl syntax, and use the commands on your own system when you want to make a snapshot of file permissions.
- Make a file permissions snapshot of the
/var/www/mywebdirectory.$ getfacl /var/www/myweb > permissions.acl
The file permissions of the specified file or directory will be saved inside the
permissions.aclfile. - You can make a backup of multiple files and directories by using wildcards or specifying multiple files to snapshot.
$ getfacl example/file1 example/file2 > permissions.acl OR getfacl example/file* > permissions.acl
- If you are using absolute path names, you normally should include the
-poption. Otherwise, leading slashes will be stripped from the.aclfile. In our experience, using absolute path names leaves less room for error, so we recommend that you use them.$ getfacl -p /var/www/myweb /home/linuxconfig/morefiles > permissions.acl
The .acl file that gets generated will contain information about each file’s owner, group, permissions, and even special permissions like setuid, etc.
Restore file permissions
When the time comes that you need to restore the file permissions from the .acl file, you can use the setfacl command to make short work of it.
$ setfacl --restore=permissions.acl
Since file permissions.acl contains a full path to all files and directories to which permissions should be restored, there is no need to specify any extra options.
If, however, you did not use the -p option and absolute paths with your getfacl command when you generated the ACL file, you will need to make sure permissions.acl is in the same directory in which it was generated. Otherwise, the restore will not work as intended.
Closing Thoughts
In this guide, we saw how to back up and restore file permissions on Linux. This can be done through the getfacl and setfacl commands respectively, allowing us to take a snapshot in case file or directory permissions are erroneously changed in the future.
