Create files in Linux through the SETFACL implementation directory

Source: Internet
Author: User

In a Linux system, you can use Setfacl to create files or subdirectories under the directory and inherit permissions from the parent directory.

The following root with the ordinary user user1. Under directory/mnt

[[email protected] mnt]# setfacl-m u:user1:rwx share//Add ower = User1 for the directory and give rwx the right root.

[[Email protected]redhat-7 mnt]# setfacl-d-M u:user1:rwx share//Add default ACL permissions for directory, creating directories and files under this directory will inherit this permission information

[Email protected] mnt]#

[Email protected] mnt]#

[[email protected] mnt]# Getfacl share//view share Facl Info

# File:share

# Owner:root

# Group:root

User::rwx

USER:USER1:RWX//At this time User1 can have write access to share

Group::r-x

Mask::rwx

Other::r-x

DEFAULT:USER::RWX//Default subdirectory or file permissions information

Default:user:user1:rwx

Default:group::r-x

Default:mask::rwx

Default:other::r-x

[Email protected] mnt]# CD share/

[[email protected] share]# ls

[email protected] share]# Touch Roota

[email protected] share]# Touch ROOTB

[Email protected] share]# mkdir Rootdir1

[Email protected] share]# mkdir ROOTDIR2

[[email protected] share]# ls

Roota ROOTB Rootdir1 Rootdir2

[Email protected] share]# Getfacl Roota

# File:roota

# Owner:root

# Group:root

user::rw-

USER:USER1:RWX #effective: rw-

Group::r-x #effective: r--

mask::rw-

other::r--

[Email protected] share]# Getfacl Rootdira

Getfacl:rootdira:No such file or directory

[Email protected] share]# Getfacl RootDir

rootdir1/rootdir2/

[Email protected] share]# Getfacl Rootdir1

# File:rootdir1

# Owner:root

# Group:root

User::rwx

User:user1:rwx

Group::r-x

Mask::rwx

Other::r-x

Default:user::rwx

Default:user:user1:rwx

Default:group::r-x

Default:mask::rwx

Default:other::r-x

[Email protected] share]#

Now use User1 to enter this directory to detect permissions:

[Email protected] share]$

[Email protected] share]$

[Email protected] share]$

[email protected] share]$ LL

Total 8

-rw-rw-r--+ 1 root root 0 Nov 22:52 Roota

-rw-rw-r--+ 1 root root 0 Nov 22:52 ROOTB

drwxrwxr-x+ 2 root root 6 Nov 22:52 Rootdir1

drwxrwxr-x+ 2 root root 6 Nov 22:52 Rootdir2

[email protected] share]$ Touch User1a

[email protected] share]$ Touch User1dir1

[[email protected] share]$ Getfacl user1a//View New file permissions

# File:user1a

# Owner:user1

# Group:user1

user::rw-

USER:USER1:RWX #effective: rw-

Group::r-x #effective: r--

mask::rw-

other::r--

[[Email protected] share]$ RM Roota//Try to delete the file created by root, successfully

[[Email protected] share]$ RM rootdir1//Try to delete the directory created by Root, successfully

Rm:cannot Remove Arootdir1a:is a directory

[Email protected] share]$ RM rootdir1-r

[email protected] share]$ LL

Total 4

-rw-rw-r--+ 1 root root 0 Nov 22:52 ROOTB

drwxrwxr-x+ 2 root root 6 Nov 22:52 Rootdir2

-rw-rw-r--+ 1 user1 user1 0 Nov 22:57 User1a

-rw-rw-r--+ 1 user1 user1 0 Nov 22:57 User1dir1

[Email protected] share]$

Therefore, when there is a need to do the root of the inheritance operation, you can use this side to achieve.

In the new RHEL7, there will be new tools chacl similar to Setfacl.

    • Related articles recommended:
    • An explanation of the SSH configuration file
    • Linux File system path learning
    • Linux Folder permissions Creation method
    • This article comes from: Hobby Linux
    • This article link: http://www.ahlinux.com/start/base/9450.html

Create files in Linux through the SETFACL implementation directory

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.