In a Linux system, you can use Setfacl to create files or subdirectories under the directory and inherit permissions from the parent directory.
The following root with the ordinary user user1. Under directory/mnt
[[email protected] mnt]# setfacl-m u:user1:rwx share//Add ower = User1 for the directory and give rwx the right root.
[[Email protected]redhat-7 mnt]# setfacl-d-M u:user1:rwx share//Add default ACL permissions for directory, creating directories and files under this directory will inherit this permission information
[Email protected] mnt]#
[Email protected] mnt]#
[[email protected] mnt]# Getfacl share//view share Facl Info
# File:share
# Owner:root
# Group:root
User::rwx
USER:USER1:RWX//At this time User1 can have write access to share
Group::r-x
Mask::rwx
Other::r-x
DEFAULT:USER::RWX//Default subdirectory or file permissions information
Default:user:user1:rwx
Default:group::r-x
Default:mask::rwx
Default:other::r-x
[Email protected] mnt]# CD share/
[[email protected] share]# ls
[email protected] share]# Touch Roota
[email protected] share]# Touch ROOTB
[Email protected] share]# mkdir Rootdir1
[Email protected] share]# mkdir ROOTDIR2
[[email protected] share]# ls
Roota ROOTB Rootdir1 Rootdir2
[Email protected] share]# Getfacl Roota
# File:roota
# Owner:root
# Group:root
user::rw-
USER:USER1:RWX #effective: rw-
Group::r-x #effective: r--
mask::rw-
other::r--
[Email protected] share]# Getfacl Rootdira
Getfacl:rootdira:No such file or directory
[Email protected] share]# Getfacl RootDir
rootdir1/rootdir2/
[Email protected] share]# Getfacl Rootdir1
# File:rootdir1
# Owner:root
# Group:root
User::rwx
User:user1:rwx
Group::r-x
Mask::rwx
Other::r-x
Default:user::rwx
Default:user:user1:rwx
Default:group::r-x
Default:mask::rwx
Default:other::r-x
[Email protected] share]#
Now use User1 to enter this directory to detect permissions:
[Email protected] share]$
[Email protected] share]$
[Email protected] share]$
[email protected] share]$ LL
Total 8
-rw-rw-r--+ 1 root root 0 Nov 22:52 Roota
-rw-rw-r--+ 1 root root 0 Nov 22:52 ROOTB
drwxrwxr-x+ 2 root root 6 Nov 22:52 Rootdir1
drwxrwxr-x+ 2 root root 6 Nov 22:52 Rootdir2
[email protected] share]$ Touch User1a
[email protected] share]$ Touch User1dir1
[[email protected] share]$ Getfacl user1a//View New file permissions
# File:user1a
# Owner:user1
# Group:user1
user::rw-
USER:USER1:RWX #effective: rw-
Group::r-x #effective: r--
mask::rw-
other::r--
[[Email protected] share]$ RM Roota//Try to delete the file created by root, successfully
[[Email protected] share]$ RM rootdir1//Try to delete the directory created by Root, successfully
Rm:cannot Remove Arootdir1a:is a directory
[Email protected] share]$ RM rootdir1-r
[email protected] share]$ LL
Total 4
-rw-rw-r--+ 1 root root 0 Nov 22:52 ROOTB
drwxrwxr-x+ 2 root root 6 Nov 22:52 Rootdir2
-rw-rw-r--+ 1 user1 user1 0 Nov 22:57 User1a
-rw-rw-r--+ 1 user1 user1 0 Nov 22:57 User1dir1
[Email protected] share]$
Therefore, when there is a need to do the root of the inheritance operation, you can use this side to achieve.
In the new RHEL7, there will be new tools chacl similar to Setfacl.
- Related articles recommended:
- An explanation of the SSH configuration file
- Linux File system path learning
- Linux Folder permissions Creation method
- This article comes from: Hobby Linux
- This article link: http://www.ahlinux.com/start/base/9450.html
Create files in Linux through the SETFACL implementation directory