Table of Contents


# add acl
setfacl -Rm g:sftpusers:rwx file_or_dir
setfacl -m u:sftp01:r-x file_or_dir

# remove acl
setfacl -Rx g:sftpusers file_or_dir

# remove all acls, include mask
setfacl -bn file_or_dir


# delete a user's password
# the 2nd field of `/etc/shadow` will be empty
# then the user can login without password, it's very dangerous!
passwd -d user

# lock a user's password
# the 2nd field of `/etc/shadow` will begin with a `!` (exclamation mark)
# then the user can't login
passwd -l user


# lock a user's password, equal to `passwd -l someone`
usermod -L user

# append the user to the current supplementary group list,
# and don't be removed from his original groups
usermod -Ga newgroup1,newgroup2 user


# remove a user from a group
gpasswd -d user group