In a Linux system, you can use setfacl so that files and subdirectories created under a directory inherit permissions from the parent directory.
The following example uses root and the ordinary user user1, under the directory /mnt.
[root mnt]# setfacl -m u:user1:rwx share    //add user1 to the directory's ACL and give it rwx rights
[root mnt]# setfacl -d -m u:user1:rwx share    //add default ACL permissions for the directory; the directories and files created under this directory inherit this permission information
[root mnt]# getfacl share    //view share's FACL information
# file: share
# owner: root
# group: root
user::rwx
user:user1:rwx    //at this point user1 has write permission on share
group::r-x
mask::rwx
other::r-x
default:user::rwx    //the default permission information for subdirectories and files
default:user:user1:rwx
default:group::r-x
default:mask::rwx
default:other::r-x
[root mnt]# cd share/
[root share]# ls
[root share]# touch roota
[root share]# touch rootb
[root share]# mkdir rootdir1
[root share]# mkdir rootdir2
[root share]# ls
roota  rootb  rootdir1  rootdir2
[root share]# getfacl roota
# file: roota
# owner: root
# group: root
user::rw-
user:user1:rwx    #effective:rw-
group::r-x    #effective:r--
mask::rw-
other::r--
[root share]# getfacl rootdira
getfacl: rootdira: No such file or directory
[root share]# getfacl rootdir
rootdir1/ rootdir2/
[root share]# getfacl rootdir1
# file: rootdir1
# owner: root
# group: root
user::rwx
user:user1:rwx
group::r-x
mask::rwx
other::r-x
default:user::rwx
default:user:user1:rwx
default:group::r-x
default:mask::rwx
default:other::r-x
Now enter this directory as user1 to check the permissions:
[user1 share]$ ll
total 8
-rw-rw-r--+ 1 root root 0 Nov 22:52 roota
-rw-rw-r--+ 1 root root 0 Nov 22:52 rootb
drwxrwxr-x+ 2 root root 6 Nov 22:52 rootdir1
drwxrwxr-x+ 2 root root 6 Nov 22:52 rootdir2
[user1 share]$ touch user1a
[user1 share]$ touch user1dir1
[user1 share]$ getfacl user1a    //View new file permissions
# file: user1a
# owner: user1
# group: user1
user::rw-
user:user1:rwx    #effective:rw-
group::r-x    #effective:r--
mask::rw-
other::r--
[user1 share]$ rm roota    //Try to delete the file created by root, successfully
[user1 share]$ rm rootdir1    //Try to delete the directory created by root, successfully
rm: cannot remove ‘rootdir1’: Is a directory
[user1 share]$ rm rootdir1 -r
[user1 share]$ ll
total 4
-rw-rw-r--+ 1 root root 0 Nov 22:52 rootb
drwxrwxr-x+ 2 root root 6 Nov 22:52 rootdir2
-rw-rw-r--+ 1 user1 user1 0 Nov 22:57 user1a
-rw-rw-r--+ 1 user1 user1 0 Nov 22:57 user1dir1
Therefore, when you need files and directories created by root to inherit permissions in this way, you can use this method.
In the new RHEL 7, there is also a new tool, chacl, similar to setfacl.
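Added example (not from the original post): a Python model of POSIX default-ACL inheritance as documented in acl(5), reproducing the effective rights that getfacl printed above for roota and rootdir1. The function names are hypothetical; 0o666 and 0o777 are the creation modes that touch and mkdir request.

```python
# Added example: models POSIX default-ACL inheritance per acl(5); not the post's code.
PARENT_DEFAULT_ACL = """
default:user::rwx
default:user:user1:rwx
default:group::r-x
default:mask::rwx
default:other::r-x
"""  # default entries of share, as getfacl printed them on this page

def bits(perm):  # "r-x" -> 5
    return sum(v for c, v in zip(perm, (4, 2, 1)) if c != "-")

def text(n):  # 5 -> "r-x"
    return "".join(c if n & v else "-" for c, v in zip("rwx", (4, 2, 1)))

def parse_default(acl_text):
    """Return {(tag, qualifier): bits} for the default: entries."""
    entries = {}
    for line in acl_text.split():
        if line.startswith("default:"):
            _, tag, qual, perm = line.split(":")
            entries[(tag, qual)] = bits(perm)
    return entries

def inherit(default, mode):
    """Access ACL of a new object; the umask is ignored when a default ACL exists."""
    acl = dict(default)
    acl[("user", "")] &= (mode >> 6) & 7   # owner bits limit user::
    acl[("mask", "")] &= (mode >> 3) & 7   # group bits limit mask::, not group::
    acl[("other", "")] &= mode & 7         # other bits limit other::
    return acl

def effective(acl):
    """Named users, the owning group and named groups are capped by mask::."""
    mask, out = acl[("mask", "")], {}
    for (tag, qual), perm in acl.items():
        if tag != "mask":
            capped = tag == "group" or (tag == "user" and qual != "")
            out[f"{tag}:{qual}"] = text(perm & mask if capped else perm)
    return out

def named_writers(acl):
    """Named users whose effective rights include write: the entries to review."""
    return [k.split(":")[1] for k, v in effective(acl).items()
            if k.startswith("user:") and k != "user:" and "w" in v]

if __name__ == "__main__":
    for name, mode in (("touch", 0o666), ("mkdir", 0o777)):
        print(name, effective(inherit(parse_default(PARENT_DEFAULT_ACL), mode)))
```

The model covers what a new file's own ACL looks like; user1 being able to remove roota in the session above comes from write permission on the directory share itself (the first setfacl command), not from roota's ACL.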
This article is from the "Sea Boundless" blog; to reproduce it, please contact the author!
Using FACL in a Linux system to implement the owning group that creates a file that inherits the permissions of the parent directory under the directory