Linux ACL (access control list): a systematic summary

Source: Internet
Author: User


ACL


##### File access control (ACL) ########
###############################
********* ACL definition ***********
Definition: an ACL specifies that particular users have particular permissions on certain files
-rw-r--r--+ 1 root root 0 Jul 14:02 file1
The trailing + means an ACL table is present on the file. When there is a +, the file's normal permissions no longer apply, and you need getfacl to view the user/group/other (ugo) permissions

getfacl file1
# file: file1          # file name
# owner: root          # file owner
# group: root          # owning group
user::rw-              # file owner's permissions
user:leo:rwx           # special (named) user's permissions
group::r--             # group permissions
group:caiwu:r--        # special (named) group's permissions
mask::rwx              # permission mask (permissions cannot exceed what is set here)
other::r--             # permissions for others
Note: once the ACL table is present (-rw-r--r--+ 1 ...), the normal permissions do not take effect; only the mask affects the user's permissions
********** ACL operations ***************
getfacl file|dir                    # view the ACL table
setfacl -m u:user:rwx file|dir      # add a special user
setfacl -m g:group:rwx file|dir     # add a special group
setfacl -x u:user file|dir          # remove a special user
setfacl -x g:group file|dir         # remove a special group
setfacl -b file|dir                 # remove the ACL table
********* mask: permission mask ***********
1. mask (permission mask)
The mask sets the maximum permissions that a user can be given
getfacl file
# file: file
# owner: root
# group: jishu
user::rwx
user:student:r-x       #effective:r--    # because the mask is r--, the maximum permission here is r
group::r--
mask::r--
other::rwx
The mask can be broken when you change the file's normal permissions with chmod
Repair:
setfacl -m m:rwx filename
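
The mask rule above, as an added example that is not part of the original post: a small Python parser for getfacl text output that computes the effective permission of each entry. The sample input is constructed from the listing above, the function names are hypothetical, and the rule that the owner and other entries are not limited by the mask follows standard POSIX ACL behaviour.

```python
# Added example: compute effective permissions from getfacl text output.
# Standard POSIX ACL behaviour: the mask limits named users, the owning
# group and named groups; user:: (owner) and other:: are not masked.

# Constructed sample, copied from the getfacl listing in the mask section.
SAMPLE = """\
# file: file
# owner: root
# group: jishu
user::rwx
user:student:r-x
group::r--
mask::r--
other::rwx
"""

def parse_acl(text):
    """Return (entries, mask); entries are (tag, qualifier, perms) tuples."""
    entries, mask = [], None
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop headers and #effective: notes
        if not line or line.startswith("default:"):
            continue                           # default entries only affect new children
        tag, qualifier, perms = line.split(":", 2)
        perms = perms.strip()[:3]
        if tag == "mask":
            mask = perms
        else:
            entries.append((tag, qualifier, perms))
    return entries, mask

def effective(entries, mask):
    """Map 'tag:qualifier' to the permissions that actually apply."""
    result = {}
    for tag, qualifier, perms in entries:
        masked = tag == "group" or (tag == "user" and qualifier != "")
        if masked and mask is not None:
            # keep a permission bit only if the mask also grants it
            perms = "".join(p if p == m else "-" for p, m in zip(perms, mask))
        result[f"{tag}:{qualifier}"] = perms
    return result

if __name__ == "__main__":
    entries, mask = parse_acl(SAMPLE)
    for name, perms in effective(entries, mask).items():
        print(f"{name:<16} {perms}")
```

Feeding it the output of getfacl on a real file shows at a glance which entries a chmod-altered mask has silently reduced.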

******** ACL default permissions ************
When a directory needs to be writable by student, and new subdirectories created in that directory must also be writable by student,
default permissions must be set

Note: The default permissions are only valid for newly created files or directories in the directory, not for the files already created, or for the directory itself

>>> setfacl -m d:u:student:rwx hhh/    # give hhh/ a default permission entry whose object is student

>>> getfacl hhh/                       # view the permissions after the change
# file: hhh/
# owner: root
# group: root
user::rwx
user:student:rwx
group::r-x
mask::rwx
other::r-x
default:user::rwx                      # this shows that default permissions are now set
default:user:student:rwx
default:group::r-x
default:mask::rwx
default:other::r-x

>>> mkdir hhh/ppp                      # test: a subdirectory ppp created in hhh/ also has the default permissions
>>> getfacl hhh/ppp/
# file: hhh/ppp/
# owner: root
# group: root
user::rwx
user:student:rwx
group::r-x
mask::rwx
other::r-x
default:user::rwx
default:user:student:rwx
default:group::r-x
default:mask::rwx
default:other::r-x
