acl_create_entry - Linux


acl_create_entry modifies the Access Control List (ACL) for a file or directory, allowing for fine-grained control over file permissions. It adds a new entry to the ACL, specifying which users or groups have specific permissions.


acl_create_entry [-d] [-e ACL_ENTRY] [-E ACL_FILE] [-g GROUP]
[-m MASK] [-n NAME] [-p PERMISSION] [-s] [-u USER] FILE


  • -d: Disable the entry after creation.
  • -e ACL_ENTRY: File containing ACL entries to be added.
  • -E ACL_FILE: Read ACL entries from this file and add them to the ACL of FILE.
  • -g GROUP: Add an entry for the specified group.
  • -m MASK: Set the mask value of the ACL entry.
  • -n NAME: Set the name of the ACL entry.
  • -p PERMISSION: Set the permissions for the ACL entry (e.g., rwx).
  • -s: Set the ACL entry to be an audit entry.
  • -u USER: Add an entry for the specified user.


Add an ACL entry for user "alice" with read and write permissions:

acl_create_entry -u alice -p rw FILE

Add an ACL entry for group "staff" with read, write, and execute permissions, and disable it immediately:

acl_create_entry -d -g staff -p rwx FILE

Read ACL entries from a file and add them to the ACL of "foo":

acl_create_entry -E acl_entries foo

Common Issues

  • Permission denied: Ensure you have sufficient privileges to modify the ACL.
  • Invalid ACL entry: Verify that the specified ACL entry is well-formed and follows the correct syntax.
  • File not found: Check if the specified file path is correct.


  • Use with find to modify ACLs for multiple files matching a specific pattern.
  • Combine with getfacl to retrieve and update ACLs.

Related Commands

  • getfacl: Retrieves file ACLs.
  • setfacl: Modifies file ACLs.