User Rights List

# # # #1. definition of permission list ####

Specify a record table that special users have special permissions on a file

# # # #2. recognition of permission lists ####

-rw-rw-r--+ 1 root root Oct 21:20 file # # permission bit has plus permission list open

-rw-r--r--. 1 root root 0 Oct 21:22 westos # # permission bit is . permission list not activated

650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M01/89/CE/wKioL1gdyoLx-fJ5AABsfdNF_PQ326.png-wh_500x0-wm_3 -wmp_4-s_2094186239.png "title=" image 1.png "alt=" wkiol1gdyolx-fj5aabsfdnf_pq326.png-wh_50 "/>

# # # #3. view of the permission list ####

Getfacl file

# File:file # # file name

# Owner:root # # file owner

# Group:root # # file all groups

user::rw- # # file owner permissions

user:test:rw- # # Special specified user rights

group::r-- # # group Permissions

mask::rw- # # permission threshold

other::r-- # # Other people permissions

650) this.width=650; "Src=" Http://s1.51cto.com/wyfs02/M02/89/D1/wKiom1gdyo_RhDpnAACAFX-vsWA329.png-wh_500x0-wm_3 -wmp_4-s_1930267691.png "title=" image 2.png "alt=" wkiom1gdyo_rhdpnaacafx-vswa329.png-wh_50 "/>

# # # #4. How to set ACL List

setfacl-m u:username: permissions filename

setfacl-m U:TEST:RW file # # Specifies that the test user can read and write to the file

650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M00/89/CE/wKioL1gdypmwVegEAACilb8OUK4169.png-wh_500x0-wm_3 -wmp_4-s_2081506520.png "title=" image 3.png "alt=" wkiol1gdypmwvegeaacilb8ouk4169.png-wh_50 "/>

setfacl-x u:student File # # Remove student user Information from the list

setfacl-x g:student File # # Remove student Group Information from the list

setfacl-b File # # Close list

# # # #5. Mask Permission Threshold # # # #

If you perform chmod on a file with a permission list , it is likely that the mask in this permission list will be modified

Mask gives special users the ability to gain a larger privilege value

setfacl-m m: permissions # # Modify the value of the mask

650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M02/89/CE/wKioL1gdyqSweQUvAADPT6en-2I184.png-wh_500x0-wm_3 -wmp_4-s_2713837143.png "title=" image 4.png "alt=" wkiol1gdyqswequvaadpt6en-2i184.png-wh_50 "/>

650) this.width=650; "Src=" Http://s1.51cto.com/wyfs02/M00/89/D1/wKiom1gdyrGwSuMpAABcGO413UE400.png-wh_500x0-wm_3 -wmp_4-s_1512792625.png "title=" image 5.png "alt=" wkiom1gdyrgwsumpaabcgo413ue400.png-wh_50 "/>

# # # #6. Default Permissions ####

When we need to create a new file or directory in the specified directory that has special permissions for the specified user

Setfac-m d:u:username: permissions filename

Default permissions do not take effect on existing files

Default permissions do not take effect on the directory itself

ACL function in rhel6 requires activation

dumpe2fs/dev/vda1 | grep moun View vda1 's information T

Tune2fs-o acl/dev/vda1 open ACL

Tune2fs-o ^acl/dev/vda1 close ACL

User Rights List