You may have heard or encountered something like this: a system administrator Cainiao accidentally enters & quot; chmod-R777/& quot;, leading to a huge tragedy, this severely damaged the entire system. In daily management, we have many tools that can be used to back up file permissions.
You may have heard or encountered this: a system administrator Cainiao accidentally entered "chmod-R 777/", resulting in a huge tragedy and serious damage to the entire system. In daily management, many tools can be used to back up file permissions, such as cp, rsync, and etckeeper. If you use this backup tool, you do not need to worry about changing file permissions.
However, if you only want to temporarily back up the file permission (rather than the file itself), for example, to prevent the contents of some directories from being overwritten, temporarily remove all file write permissions under this directory; or, you need to run the chmod command on the file while excluding the file permission. In these cases, we can back up the original file before its permissions are changed, and restore the original permissions when we need it. In many cases, if you only want the permissions to back up files, it is unnecessary to back up the entire file.
In Linux, it is easy to use the access control list (ACL) to back up and restore file permissions. ACL defines the permissions for a single file on the posix-compatible file system based on the master and group.
The following shows how to use the ACL tool to back up and restore Linux file permissions.
1. install the ACL tool
On Debian, Ubuntu, and Linux Mint
$ Sudo apt-get install acl
On CentOS, Fedora, and RHEL
$ Sudo yum install acl
2. back up permissions for all files in the current directory (including subdirectories)
[Root @ linuxprobe tmp] # ls-l
Total 8
-Rwxr -- r --. 1 root 0 Mar 3 04:40 install.txt
-Rwxr-xr-x. 1 root 0 Mar 3 linuxprobe.txt
[Root @ linuxprobe tmp] # getfacl-R.> permissions.txt
...
This command writes all the aclinformation of all files into the permissions.txt file.
The following example shows some directory information in the permissions.txt file.
[Root @ linuxprobe tmp] # cat permissions.txt
# File :.
# Owner: root
# Group: root
# Flags: -- t
User: rwx
Group: rwx
Other: rwx
# File: install.txt
# Owner: root
# Group: root
User: rwx
Group: r --
Other: r --
# File: linuxprobe.txt
# Owner: root
# Group: root
User: rwx
Group: r-x
Other: r-x
# File: permissions.txt
# Owner: root
# Group: root
User: rw-
Group: r --
Other: r --
...
3. modify the permissions of a file, for example, linuxprobe.txtand install.txt.
[Root @ linuxprobe tmp] # chmod 733 linuxprobe.txt
[Root @ linuxprobe tmp] # chmod 573 install.txt
[Root @ linuxprobe tmp] # ls-l
Total 8
-R-xrwx-wx. 1 root 0 Mar 3 04:40 install.txt
-Rwx-wx. 1 root 0 Mar 3 linuxprobe.txt
-Rw-r --. 1 root 4361 Mar 3 permissions.txt
......
4. restore original permissions
1)cdto the directory where permissions.txt was created
2) execute the following command:
Setfacl --restore1_permissions.txt
You can see that the linuxprobe.txtand install.txt permissions have been restored.
[Root @ linuxprobe tmp] # setfacl --restore1_permissions.txt
[Root @ linuxprobe tmp] # ls-l
Total 8
-Rwxr -- r --. 1 root 0 Mar 3 04:40 install.txt
-Rwxr-xr-x. 1 root 0 Mar 3 linuxprobe.txt
-Rw-r --. 1 root 4361 Mar 3 permissions.txt
......