The learning of ACL permissions

Source: Internet
Author: User

Acl

ACL: An access control list whose primary purpose is to add some "users" to the table and to control the behavior of those users.

Case:

There is a folder that project is created by the root user and has the following permissions on the file drwxrwx--- , and now a new user called John,root users just want John to have a readable executable permission for this folder, However, you do not want to change the original permissions for the file. At this time, Linux provides a user rights management mechanism is not enough, requires ACLs to manage the user, through the ACL we can ignore the directory/file of the original permissions, but directly to a user assigned to a directory/file permissions.

Instructions for use 1. Check if the ACL is turned on

The use of ACLs is related to partitioning, and if you want to see whether ACLs can be used, you need to see if the partition supports ACLs.

    • viewing system partitions

  

    • View a partition details dumpe2fs-h/dev/mapper/vg_www-lv_root

  

Indicates that the partition supports ACLs

    • If a partition does not support ACLs, it needs to be re-mounted and assigned permissions

  

  

  Note: In general, defaults is the one that contains ACL permissions

2. Set ACL permissions

Set permissions on the project folder for user dy

  

  

View File Permissions

  

3. Maximum Effective permission mask

Mask is used to specify the maximum effective permissions. The user's real permissions are given to the user's permissions and mask permissions.

Mask also affects the permissions of the owning group

  

4. Remove ACL permissions

# setfacl-x u: User name file name//delete permissions for the specified user

# setfacl-x G: Group name File name//delete specified user group

# setfacl-b file name//Remove all ACL permissions

5. Default ACL permissions

The default ACL permissions function is that after the parent directory specifies ACL permissions, all new files/directories created under the parent directory inherit ACL permissions from the parent directory

#setfacl-M D:u: User name: Permission file name

The learning of ACL permissions

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.