Plus sign in ls output
What is the + sign when using ls?
Ever wondered what the plus (+) sign is when showing a directory listing? It is part of a POSIX standard to support access control lists (ACL) on files.
Normal files on a file system will have only 10 characters displayed, with the last 9 used for file permissions. However, when file access control lists are used, an 11th character shows up. This plus sign indicates the usage of a file ACL.
total 4 -rw-r-----+ 1 root root 5 May 29 14:36 test1 -rw-r----- 1 root root 0 May 28 11:52 test2
By using the command getfacl, the underlying permissions can be displayed. This command will display the normal file permissions, together with the more granular ones.
In the screenshot, the user “www-data” has access to the file test1. This user is not listed in a group, nor being the owner (that is root). Still, this user has with the help of POSIX ACLs read access to the file.
If you never worked with ACLs, have a look at the man page of setfacl for some great examples. There will be a time when the normal file permissions are insufficient, yet you want to avoid using the “other” (everyone) group. POSIX ACLs to the rescue!