ACL: An access control list that is used primarily for setting permissions on files or directories
How to use:
Getfacl [file]: View this file ACL permissions
Setfacl [-BKNDRLPVH] [{-m|-x} Acl_spec] [{-m|-x} Acl_file] File ...
Special permissions:
Mask Permission: This permission is the maximum effective permission, which is the final permission when the permissions set for the user or group have the same permissions as the Mask permission
Common options:
-M: Create new ACL permissions
-X: Remove the specified ACL permissions
-B: Remove all ACL permissions
-D: Set default ACL permissions
-K: Remove default ACL permissions
-r: Set ACL permissions in a recursive manner
To view ACL permissions for the current file or directory:
#getfacl Test
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/7C/AE/wKioL1bWSz3iFYfiAAAOdLjmN8M270.png "title=" q5$ 7sexo[eoa@ $W 6s_r72za.png "alt=" Wkiol1bwsz3ifyfiaaaodljmn8m270.png "/>
To set ACL permissions on the user:
#setfacl-M u:liu:rwx test
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/7C/AE/wKioL1bWS6bTmXYjAAATFljBIMg441.png "title=" 2r}e{] 4[lzq6x (s@nvhie{5.png "alt=" Wkiol1bws6btmxyjaaatfljbimg441.png "/>
To set ACL permissions on a group:
# setfacl-m G:tgroup:rx Test
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/7C/B0/wKiom1bWTH6C4PiFAAAXxNQnexo217.png "title=" V ([ 8gg$ $B $~]o67) nw_whw.png "alt=" Wkiom1bwth6c4pifaaaxxnqnexo217.png "/>
Set maximum effective permissions mask:
#setfacl-M M:RX test previously set the permissions for the user Liu Rwx, after setting the Mask permission, the final effective permission is RX
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/7C/B0/wKiom1bWTWChe-gLAAAXbHhdNtg975.png "title=" vv~@ 9ums1kkd35nqi0cv1{t.png "alt=" Wkiom1bwtwche-glaaaxbhhdntg975.png "/>
Remove user rights:
#setfacl-x U:liu test can see that the permissions previously set for user Liu are gone.
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/7C/AF/wKioL1bWTpvQWQQxAAAY7nTsBZI428.png "title=" l~~0u) _skwwpw]33y_u~f7x.png "alt=" Wkiol1bwtpvqwqqxaaay7ntsbzi428.png "/>
Delete Group permissions:
#setfacl-x G:tgroup test can see that the permissions previously set for group Tgroup are gone.
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/7C/AF/wKioL1bWTvCh-6fTAAAW0lPlDoE497.png "title=" N] Fq91nti1@p_8u@5x1uohq.png "alt=" Wkiol1bwtvch-6ftaaaw0lpldoe497.png "/>
To set recursive permissions:
#setfacl-R-M U:LIU:RX test all files or directories in this directory, user Liu has only RX permission
Remove all permissions:
#setfacl-B Test
To set default permissions:
#setfacl-M D:u:liu:rx test
Delete Default permissions:
#setfacl-K Test
This article is from the "burning Years of Passion" blog, please be sure to keep this source http://liuzhengwei521.blog.51cto.com/4855442/1746614
Detailed ACL usage