Repository files navigation

Linux ACL Management Interface - Backend Component

A robust web-based management interface for Linux Access Control Lists (ACLs), designed to enhance data protection and simplify ACL administration. This project provides a modern, user-friendly solution for managing file system permissions in Linux environments.

View Documentation

Institutional departments, such as the Biomedical Informatics (BMI) Department of Emory University School of Medicine, manage vast amounts of data, often reaching petabyte scales across multiple Linux-based storage servers. Researchers storing data in these systems need a streamlined way to modify ACLs to grant or revoke access for collaborators. Currently, the IT team at BMI is responsible for manually handling these ACL modifications, which is time-consuming, error-prone, and inefficient, especially as data volume and user demands grow. To address this challenge at BMI and similar institutions worldwide, a Web Management Interface is needed to allow users to modify ACLs securely. This solution would eliminate the burden on IT teams by enabling on-demand permission management while ensuring security and reliability. The proposed system will feature a robust and highly configurable backend, high-speed databases, orchestration daemons for file storage servers, and an intuitive frontend. The proposal includes an in-depth analysis of required components, high-level and low-level design considerations, technology selection, and the demonstration of a functional prototype as proof of concept. The goal is to deliver a production-ready, secure, scalable, and reliable system for managing ACLs across multiple servers hosting filesystems such as NFS, BeeGFS, and others. This solution will streamline access control management and prepare it for deployment at BMI and other institutions worldwide, significantly reducing the manual workload for IT teams.

• Intuitive web interface for ACL management
• High-performance backend written in Go
• Real-time ACL updates
• Comprehensive ACL reporting and visualization
• Integration with OpenLDAP for authentication

• Go 1.20 or higher
• Docker (optional)
• Redis
• OpenLDAP server

1. Clone the repository:

   git clone https://github.com/PythonHacker24/linux-acl-management-backend.gitcd linux-acl-management

2. Install dependencies:

   go mod download

3. Build the application:

   go build -o acl-manager

For production build, it is recommended to use the Makefile. This allows you to build the complete binary on locally for security purposes. Since the project is in development mode, complete local build is not possible since dependencies are managed via GitHub and external vendors. Tarball based complete local builds will be developed in later stages.

1. Clone the repository:

   git clone https://github.com/PythonHacker24/linux-acl-management.gitcd linux-acl-management

2. Use make:

   make build

3. Execute the binary

   ./bin/laclm --config config.yaml

A simulated environment has been developed on docker-compose for testing and experimenting purposes. It's not a production level build but a training ground for testing your config.yaml file for specific scenario.

docker-compose up -d

A complete optional Docker based deployment option will be developed in later stages of development

1. Configure your settings inconfig.yaml

2. Start the server:

   ./laclm --config<config.yaml>

3. Access the api athttp://<ip-address>:<port>

For detailed usage instructions, please refer to ourdocumentation.

• main: Production-ready code
• development-v<version>: Development branches for specific versions

1. Fork the repository
2. Create your feature branch (git checkout -b feature/amazing-feature)
3. Commit your changes (git commit -m 'Add some amazing feature')
4. Push to the branch (git push origin feature/amazing-feature)
5. Open a Pull Request

Please readCONTRIBUTING.md for details on our code of conduct and development process.

This project is developed as part of Google Summer of Code 2025, in collaboration with the Department of Biomedical Informatics at Emory University.

• Contributor: Aditya Patil
• Mentors:
  • Robert Tweedy
  • Mahmoud Zeydabadinezhad, PhD

• Backend: Golang, net/http
• API: gRPC, REST
• Infrastructure: Docker, Redis, OpenLDAP
• Packaging: Tarball

This project is licensed under the MIT License - see theLICENSE file for details.

• Department of Biomedical Informatics, Emory University
• Google Summer of Code Program
• Open Source Community