Securing Linux Storage with ACLs: An Open-Source Web Management Interface for Enhanced Data Protection.
A robust web-based management interface for Linux Access Control Lists (ACLs), designed to enhance data protection and simplify ACL administration. This project provides a modern, user-friendly solution for managing file system permissions in Linux environments.
Institutional departments, such as the Biomedical Informatics (BMI) Department of Emory University School of Medicine, manage vast amounts of data, often reaching petabyte scales across multiple Linux-based storage servers. Researchers storing data in these systems need a streamlined way to modify ACLs to grant or revoke access for collaborators. Currently, the IT team at BMI is responsible for manually handling these ACL modifications, which is time-consuming, error-prone, and inefficient, especially as data volume and user demands grow. To address this challenge at BMI and similar institutions worldwide, a Web Management Interface is needed to allow users to modify ACLs securely. This solution would eliminate the burden on IT teams by enabling on-demand permission management while ensuring security and reliability. The proposed system will feature a robust and highly configurable backend, high-speed databases, orchestration daemons for file storage servers, and an intuitive frontend. The proposal includes an in-depth analysis of required components, high-level and low-level design considerations, technology selection, and the demonstration of a functional prototype as proof of concept. The goal is to deliver a production-ready, secure, scalable, and reliable system for managing ACLs across multiple servers hosting filesystems such as NFS, BeeGFS, and others. This solution will streamline access control management and prepare it for deployment at BMI and other institutions worldwide, significantly reducing the manual workload for IT teams.
- Intuitive web interface for ACL management
- High-performance backend written in Go
- Real-time ACL updates
- Comprehensive ACL reporting and visualization
- Integration with OpenLDAP for authentication
To view or contribute to the documentation locally:
git clone https://github.com/PythonHacker24/linux-acl-management-aclapi.git
cd linux-acl-management-aclapiWe recommend using a virtual environment:
python -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
pip install mkdocs mkdocs-shadcnmkdocs serveThen open http://127.0.0.1:8000 in your browser to preview the site.
To generate a static site for production deployment:
mkdocs buildThe compiled site will be available in the site/ directory. You can deploy this directory to GitHub Pages, Netlify, Vercel, or any static hosting provider.
.
├── docs/ # Markdown files for documentation
│ └── index.md
├── mkdocs.yml # MkDocs configuration
├── requirements.txt (optional) # Python dependencies
├── deployments/ # Deployment configs (e.g., Docker, k8s)
├── api/ # API definitions and OpenAPI specs
└── src/ or cmd/ # (For code, if combined with doc repo)main: Production-ready codedevelopment-v<version>: Development branches for specific versions
- Fork the repository
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
Please read CONTRIBUTING.md for details on our code of conduct and development process.
This project is developed as part of Google Summer of Code 2025, in collaboration with the Department of Biomedical Informatics at Emory University.
- Contributor: Aditya Patil
- Mentors:
- Robert Tweedy
- Mahmoud Zeydabadinezhad, PhD
- Docs Framework: MkDocs,
mkdocs-shadcntheme, Markdown
This project is licensed under the MIT License - see the LICENSE file for details.
- Department of Biomedical Informatics, Emory University
- Google Summer of Code Program
- Open Source Community