Which command would you run to display current access control settings on a file?

The command that displays current access control settings on a file is getfacl. This command is specifically designed to retrieve and display the access control lists (ACLs) associated with a file or directory. ACLs provide a finer-grained permission mechanism than traditional Unix file permissions, allowing for specific rules to be set for individual users and groups.

Using getfacl will show not only the standard permissions (read, write, execute) but also any additional rules defined in the ACL. This is particularly important for systems where more detailed access controls are necessary, such as in collaborative environments or when managing sensitive data.

The other commands listed serve different purposes:

• The ls -l command lists files and their permissions in a standard format but does not provide detailed access control settings beyond the basic owner/group/others model.

• The stat command provides information about a file's attributes, including timestamps and size, but does not focus on ACLs or specific access control details.

• The chmod command is used to change the permissions of a file or directory but does not display the current access control settings.

Thus, getfacl is the appropriate choice when seeking to view the detailed access control settings on a file.