站長(zhǎng)資訊網(wǎng)文件權(quán)限管理之:ACL設(shè)置基本權(quán)限
ACL的基本用法:
1.設(shè)置權(quán)限:
[root@dong ~]# setfacl -m u:dong1:rw /home/test.txt
2.查看:
[root@dong ~]# getfacl /home/test.txt
getfacl: Removing leading '/' from absolute path names
#file: home/test.txt
#owner: root
#group: root
user::rw-
user:dong1:rw-
group::r–
mask::rw-
other::r-
3.測(cè)試
[dong1@dong home]$ vim /home/test.txt
實(shí)例1:用戶(hù)設(shè)置權(quán)限
[root@dong ~]# setfacl -m u:hr01:rwx /home/test.txt
[root@dong ~]# getfacl /home/test.txt
getfacl: Removing leading '/' from absolute path names
#file: home/test.txt
owner: root
group: root
user::rw-
user:dong1:rw-
user:hr01:rwx
group::r–
mask::rwx
other::r–
實(shí)例2:給組設(shè)置權(quán)限
[root@dong ~]# setfacl -m g:hr:rwx /home/test.txt
[root@dong ~]# getfacl /home/test.txt
getfacl: Removing leading '/' from absolute path names
#file: home/test.txt
#owner: root
#group: root
user::rw-
user:dong1:rw-
user:hr01:rwx
group::r–
group:hr:rwx
mask::rwx
other::r–
4.刪除用戶(hù)對(duì)這個(gè)文件的權(quán)限:
[root@dong ~]# setfacl -x u:dong1 /home/test.txt
[root@dong ~]# getfacl /home/test.txt
getfacl: Removing leading '/' from absolute path names
file: home/test.txt
#owner: root
#group: root
user::rw-
user:hr01:rwx
group::r–
group:hr:rwx
mask::rwx
other::r–
5.取消其他人的任何權(quán)限
[root@dong ~]# setfacl -m o:- /home/test.txt
[root@dong ~]# getfacl /home/test.txt
getfacl: Removing leading '/' from absolute path names
#file: home/test.txt
#owner: root
#group: root
user::rw-
user:hr01:rwx
group::r–
group:hr:rwx
mask::rwx
other::—
6.清除所有的設(shè)置
[root@dong ~]# setfacl -b /home/test.txt
[root@dong ~]# ll /home/test.txt
-rw-r—–. 1 root root 5 11月 6 07:25 /home/test.txt
7.復(fù)制FACL
[root@dong ~]# setfacl -m u:dong1:rwx,u:hr01:rw /home/test.txt
[root@dong ~]# setfacl -m g:hr:rw,g:hr01:r /home/test.txt
[root@dong ~]# getfacl /home/test.txt
getfacl: Removing leading '/' from absolute path names
file: home/test.txt
#owner: root
#group: root
user::rw-
user:dong1:rwx
user:hr01:rw-
group::r–
group:hr01:r–
group:hr:rw-
mask::rwx
other::—
[root@dong ~]# getfacl /home/test.txt | setfacl –set-file=- /home/test1.txt
查看test1.txt的權(quán)限,與test.txt完全一樣
[root@dong ~]# getfacl /home/test1.txt
getfacl: Removing leading '/' from absolute path names
#file: home/test1.txt
#owner: root
#group: root
user::rw-
user:dong1:rwx
user:hr01:rw-
group::r–
group:hr01:r–
group:hr:rw-
mask::rwx
other::—
