20181123基本权限FACL

原创

橙风破浪go 2018-11-23 20:45:53 ©著作权

©著作权归作者所有：来自51CTO博客作者橙风破浪go的原创作品，请联系作者获取转载授权，否则将追究法律责任

文件权限管理之：ACL设置基本权限

ACL的基本用法： 1.设置权限： [root@dong ~]# setfacl -m u:dong1:rw /home/test.txt 2.查看： [root@dong ~]# getfacl /home/test.txt getfacl: Removing leading '/' from absolute path names #file: home/test.txt #owner: root #group: root user::rw- user:dong1:rw- group::r-- mask::rw- other::r- 3.测试 [dong1@dong home]$ vim /home/test.txt

实例1：用户设置权限 [root@dong ~]# setfacl -m u:hr01:rwx /home/test.txt [root@dong ~]# getfacl /home/test.txt getfacl: Removing leading '/' from absolute path names #file: home/test.txt owner: root group: root user::rw- user:dong1:rw- user:hr01:rwx group::r-- mask::rwx other::r-- 实例2：给组设置权限

[root@dong ~]# setfacl -m g:hr:rwx /home/test.txt [root@dong ~]# getfacl /home/test.txt getfacl: Removing leading '/' from absolute path names #file: home/test.txt #owner: root #group: root user::rw- user:dong1:rw- user:hr01:rwx group::r-- group:hr:rwx mask::rwx other::r--

4.删除用户对这个文件的权限： [root@dong ~]# setfacl -x u:dong1 /home/test.txt

[root@dong ~]# getfacl /home/test.txt getfacl: Removing leading '/' from absolute path names file: home/test.txt #owner: root #group: root user::rw- user:hr01:rwx group::r-- group:hr:rwx mask::rwx other::r--

5.取消其他人的任何权限 [root@dong ~]# setfacl -m o:- /home/test.txt

[root@dong ~]# getfacl /home/test.txt getfacl: Removing leading '/' from absolute path names #file: home/test.txt #owner: root #group: root user::rw- user:hr01:rwx group::r-- group:hr:rwx mask::rwx other::---

6.清除所有的设置 [root@dong ~]# setfacl -b /home/test.txt [root@dong ~]# ll /home/test.txt -rw-r-----. 1 root root 5 11月 6 07:25 /home/test.txt

7.复制FACL [root@dong ~]# setfacl -m u:dong1:rwx,u:hr01:rw /home/test.txt [root@dong ~]# setfacl -m g:hr:rw,g:hr01:r /home/test.txt

[root@dong ~]# getfacl /home/test.txt getfacl: Removing leading '/' from absolute path names file: home/test.txt #owner: root #group: root user::rw- user:dong1:rwx user:hr01:rw- group::r-- group:hr01:r-- group:hr:rw- mask::rwx other::---

[root@dong ~]# getfacl /home/test.txt | setfacl --set-file=- /home/test1.txt 查看test1.txt的权限，与test.txt完全一样 [root@dong ~]# getfacl /home/test1.txt getfacl: Removing leading '/' from absolute path names #file: home/test1.txt #owner: root #group: root user::rw- user:dong1:rwx user:hr01:rw- group::r-- group:hr01:r-- group:hr:rw- mask::rwx other::---