If you're worried about the file permissions on your Linux system being changed, it's possible to back up the file permissions of a certain set of files or directories with the getfacl command. You can then restore file permissions en masse by using the setfacl command.

In this guide, we'll show how to make a backup snapshot of file permissions, as well as how to restore the saved permissions.

In this tutorial you will learn:
  • How to create a backup of file permissions
  • How to restore a backup of file permissions
Backing up file permissions on Linux
Backing up file permissions on Linux
Software Requirements and Linux Command Line Conventions
Category Requirements, Conventions or Software Version Used
System Any Linux distro
Software getfacl
Other Privileged access to your Linux system as root or via the sudo command.
Conventions # - requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command
$ - requires given linux commands to be executed as a regular non-privileged user

Create backup of file permissions


SUBSCRIBE TO NEWSLETTER
Subscribe to our NEWSLETTER and receive latest Linux news, jobs, career advice and tutorials.


Check out some of the command line examples below to learn the getfacl syntax, and use the commands on your own system when you want to make a snapshot of file permissions.

  1. Make a file permissions snapshot of the /var/www/myweb directory.
    $ getfacl /var/www/myweb > permissions.acl
    
    The file permissions of the specified file or directory will be saved inside the permissions.acl file.
  2. You can make a backup of multiple files and directories by using wildcards or specifying multiple files to snapshot.
    $ getfacl example/file1 example/file2 > permissions.acl
    OR
    getfacl example/file* > permissions.acl
    
  3. If you are using absolute path names, you normally should include the -p option. Otherwise, leading slashes will be stripped from the .acl file. In our experience, using absolute path names leaves less room for error, so we recommend that you use them.
    $ getfacl -p /var/www/myweb /home/linuxconfig/morefiles > permissions.acl
    


The .acl file that gets generated will contain information about each file's owner, group, permissions, and even special permissions like setuid, etc.

Examining the contents of an ACL file, which can be used to restore file permissions
Examining the contents of an ACL file, which can be used to restore file permissions

Restore file permissions

When the time comes that you need to restore the file permissions from the .acl file, you can use the setfacl command to make short work of it.

$ setfacl --restore=permissions.acl

Since file permissions.acl contains a full path to all files and directories to which permissions should be restored, there is no need to specify any extra options.

If, however, you did not use the -p option and absolute paths with your getfacl command when you generated the ACL file, you will need to make sure permissions.acl is in the same directory in which it was generated. Otherwise, the restore will not work as intended.

Closing Thoughts

In this guide, we saw how to back up and restore file permissions on Linux. This can be done through the getfacl and setfacl commands respectively, allowing us to take a snapshot in case file or directory permissions are erroneously changed in the future.

FIND LATEST LINUX JOBS on LinuxCareers.com
Submit your RESUME, create a JOB ALERT.
LINUX CAREER NEWSLETTER
Subscribe to NEWSLETTER and receive latest news, jobs, career advice and tutorials.
DO YOU NEED ADDITIONAL HELP?
Get extra help by visiting our LINUX FORUM or simply use comments below.