If you’re worried about the file permissions on your Linux system being changed, it’s possible to back up the file permissions of a certain set of files or directories with the
getfacl command. You can then restore file permissions en masse by using the
In this guide, we’ll show how to make a backup snapshot of file permissions, as well as how to restore the saved permissions.
In this tutorial you will learn:
- How to create a backup of file permissions
- How to restore a backup of file permissions
|Category||Requirements, Conventions or Software Version Used|
|System||Any Linux distro|
|Other||Privileged access to your Linux system as root or via the
# – requires given linux commands to be executed with root privileges either directly as a root user or by use of
$ – requires given linux commands to be executed as a regular non-privileged user
Create backup of file permissions
Check out some of the command line examples below to learn the
getfacl syntax, and use the commands on your own system when you want to make a snapshot of file permissions.
- Make a file permissions snapshot of the
$ getfacl /var/www/myweb > permissions.acl
The file permissions of the specified file or directory will be saved inside the
- You can make a backup of multiple files and directories by using wildcards or specifying multiple files to snapshot.
$ getfacl example/file1 example/file2 > permissions.acl OR getfacl example/file* > permissions.acl
- If you are using absolute path names, you normally should include the
-poption. Otherwise, leading slashes will be stripped from the
.aclfile. In our experience, using absolute path names leaves less room for error, so we recommend that you use them.
$ getfacl -p /var/www/myweb /home/linuxconfig/morefiles > permissions.acl
.acl file that gets generated will contain information about each file’s owner, group, permissions, and even special permissions like setuid, etc.
Restore file permissions
When the time comes that you need to restore the file permissions from the
.acl file, you can use the
setfacl command to make short work of it.
$ setfacl --restore=permissions.acl
permissions.acl contains a full path to all files and directories to which permissions should be restored, there is no need to specify any extra options.
If, however, you did not use the
-p option and absolute paths with your
getfacl command when you generated the ACL file, you will need to make sure
permissions.acl is in the same directory in which it was generated. Otherwise, the restore will not work as intended.
In this guide, we saw how to back up and restore file permissions on Linux. This can be done through the
setfacl commands respectively, allowing us to take a snapshot in case file or directory permissions are erroneously changed in the future.