The getfacl command is used to retrieve the ACLs of files and directories.

The basic output format of the getfacl command shows metadata about the object including its owner, its group, any SUID/SGID/sticky bit flags set, the standard permissions associated with the object, and the individual permission entries for users and groups.

An ACL that sets permissions for a specific user.

getfacl command output

getfacl Command Examples

1. To get the ACL’s of a file:

2. To display the file access control list:

# getfacl -a /tmp/file.txt
# getfacl --access /tmp/file.txt 

3. To display the default access control list:

# getfacl -d /tmp/file.txt
# getfacl --default /tmp/file.txt 

4. To avoid displaying comment header:

# getfacl -c /tmp/file.txt
# getfacl --omit-header /tmp/file.txt 

5. To Print all effective rights comments:

# getfacl -e /tmp/file.txt
# getfacl --all-effective /tmp/file.txt 

6. To avoid printing effective rights:

# getfacl -E /tmp/file.txt
# getfacl --no-effective /tmp/file.txt 

7. To skip files that only have the base ACL entries:

# getfacl -s /tmp/file.txt
# getfacl --skip-base /tmp/file.txt 

8. To list the ACL’s recursively:

# getfacl -R /tmp
# getfacl --recursive /tmp 

9. To follow the symbolic links:

# getfacl -L /tmp/file.txt
# getfacl --logical /tmp/file.txt 

10. To avoid following the symbolic links:

# getfacl -P /tmp/file.txt
# getfacl --physical /tmp/file.txt 

11. To get the tabular output format:

# getfacl -t /tmp/file.txt
# getfacl --tabular /tmp/file.txt 

12. Do not strip leading slash characters:

# getfacl -p /tmp/file.txt
# getfacl --absolute-names /tmp/file.txt 

13. To list the numeric user and group IDs:

# getfacl -n /tmp/file.txt
# getfacl --numeric /tmp/file.txt 

14. To get the version of the getfacl:

# getfacl -v
# getfacl -version 

15. To get the help for getfacl:

# getfacl -h
# getfacl --help