Check the ACL!

Please keep in mind that this post is about 3 years old.
Technology may have changed in the meantime.

I just shot myself in the foot using Access Control Lists.

# ls -l ./somefile.txt
-rw-r-----+  1 root  www  893  Apr 4 00:44 ./somefile.txt
# getfacl ./somefile.txt
user:www:--x  # effective: ---
group::r-x    # effective: r--

In the above example, the file inherited the default ACL from the parent directory.

I’m not even going to tell you how long it took me to figure out why the web server couldn’t access the file…

If you can’t find it: check those ACL!

And if you want to drive your colleague crazy:

# setfacl -m u:george:--- /some/random/commonly/used/file


You may republish this article online or in print under our Creative Commons license. You may not edit or shorten the text, you must attribute the article to and you must include the author’s name in your republication.

If you have any questions, please email


Creative Commons License AttributionCreative Commons Attribution
Check the ACL!