Setfacl setting permissions for a specific directory

The existing directory is shared between virtual machines and Linux, but each time the program calls the newly created file, it finds no permissions.

This specifies that a new file or directory under a specific directory and its subdirectories has read and write permissions for the user Qhfz

-r = recursive-m for setting file ACL rules

Setfacl-r-M D:u:qhfz:rwx/data2/resourcecase

Setfacl-r-M D:u: resourcecase:rwx/data2/resourcecase

--remove ACL rule using-B

Setfacl-r-b/data2/resourcecase

Above d:u: see below, and perms corresponds to RWX:

The SETFACL command can recognize the following rule formats.

[D[efault]:] [u[ser]:]uid[:p Erms]

Specifies the permissions of the user, the permissions of the file owner (if the UID is not specified).

[d[efault]:]g[roup]:gid[:p Erms]

Specify permissions for the group, permissions for all groups of the file (if GID is not specified)

[d[efault]:]m[ask][:][:p Erms]

Effective permission Mask

[d[efault]:]o[ther][:p Erms]

#perms域是一个代表各种权限的字母的组合: Read: R write: W Execute: X, execute only for directory and some executable files. The Perms field can also be set to octal format 0~7.

#其他的权限

Usage:setfacl[-bkndrlp]{-m|-m|-x|-x ...} File ... #-m|-m|-x|-x

-M,--Modify=acl Modify the current ACL (s) of file (s) #设置文件acl规则

-M,--Modify-file=file read ACL entries to modify from file #从文件读取访问控制列表条目更改

-X,--remove=acl remove entries from the ACL (s) of file (s) #删除文件的acl规则

-X,--remove-file=file readacl entries to remove from file #从文件读取访问控制列表条目并删除

-B,--remove-all remove all extended ACL entries # removes all extended ACL rules, basic ACL rules (owners, groups, others) will be retained.

-K,--Remove-default Remove the Defaultacl #删除缺省的acl规则. If there is no default rule, you will not be prompted.

--set=acl set the ACL of file (s), replacing the current ACL.

--set-file=file readacl entries toset from file #从文件中读设置ACL规则.

--mask Dorecalculate The effective rights mask #重新计算有效权限 even if ACL mask is explicitly specified.

-N,--no-mask don ' trecalculate the effective rights mask #不要重新计算有效权限. Setfacl ACL mask is recalculated by default unless mask is explicitly formulated.

-D,--Default operations apply tothe Defaultacl #设定默认的acl规则 for catalogs.

-R,--recursive recurse into subdirectories #递归的对所有文件及目录进行操作.

-L,--Logical logical Walk,follow Symbolic links #跟踪符号链接, by default only the symbolic link file is tracked and the symbolic link directory is skipped.

-P,--Physical physical Walk,donotfollow symbolic links #跳过所有符号链接, including symbolic link files.

--restore=file Restore ACLs (inverse of ' getfacl-r ') #从文件恢复备份的acl规则 (these files can be generated by getfacl-r). This mechanism allows you to recover ACL rules for the entire directory tree. This parameter cannot be executed in conjunction with any parameters other than--test.

--test Testmode (ACLs is notmodified) #测试模式, does not change the ACL rules of any file, the ACL specification after operation will be listed.

-V,--version print version Andexit #版本.

-H,--Help Thishelp text #不用说肯定是帮助了.

When a rule is read from a file using the-m,-x option, Setfacl accepts the format of the GETFACL command output. At least one rule per line, lines starting with # are treated as comments.

Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.

Setfacl setting permissions for a specific directory