Linux ACLs (Access Control Lists)


setfacl -m <rules> <files>
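The rules take the following forms; multiple rules can be separated by commas.
u:uid:perms # set the ACL for a user; perms is a combination of r, w and x
g:gid:perms # set the ACL for a group
o:perms # set the ACL for others
m:perms # set the effective rights mask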

[[email protected] ~]# cd /home/
[[email protected] home]# mkdir test
[[email protected] home]# ll
total 12
drwxr-xr-x 2 root root 4096 2007-11-20 10:20 test

Now, as the user userman:
[[email protected] ~]$ cd /home/ (access permitted)

[[email protected] home]# chmod 700 ./test/
[[email protected] home]# ll
total 12
drwx------ 2 root root 4096 2007-11-20 10:20 test

Now, as the user userman:
[[email protected] home]$ cd test/
-bash: cd: test/: Permission denied (access denied)

[[email protected] home]# getfacl test/ (show the current access permissions of the test directory)
# file: test
# owner: root
# group: root
user::rwx
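group::---
other::---
[[email protected] home]# setfacl -m u:userman:rwx test/ (root adds read/write access to the test directory for userman)
[[email protected] home]# getfacl test/ (show the current access permissions of the test directory; an entry for userman now appears below)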
# file: test
# owner: root
# group: root
user::rwx
user:userman:rwx
group::---
mask::rwx
other::---

Now, as the user userman:
[[email protected] ~]$ cd /home/ (access permitted)
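
The `mask` entry in the output above caps what named users, named groups and the owning group actually get. The following is an added example, not part of the original post: it parses `getfacl` text and computes each entry's effective permissions. The function names are hypothetical, and the tightened `mask::r-x` variant used in the demo is constructed.

```python
# Added example: effective permissions from `getfacl` text output.
# PAGE_OUTPUT is the getfacl output shown in the walkthrough above.
PAGE_OUTPUT = """\
# file: test
# owner: root
# group: root
user::rwx
user:userman:rwx
group::---
mask::rwx
other::---
"""

def parse_getfacl(text):
    """Return (tag, qualifier, perms) tuples for the access ACL entries."""
    entries = []
    for line in text.splitlines():
        # Drop header lines and trailing "#effective:" comments.
        line = line.split("#", 1)[0].strip()
        if not line or line.startswith("default:"):
            continue  # default ACLs only apply to newly created files
        tag, qualifier, perms = line.split(":")
        entries.append((tag, qualifier, perms))
    return entries

def effective(entries):
    """Apply the mask to named users, named groups and the owning group.
    The owner (user::) and other:: entries are never limited by the mask."""
    mask = next((p for t, _, p in entries if t == "mask"), None)
    result = {}
    for tag, qualifier, perms in entries:
        if tag == "mask":
            continue
        masked = tag == "group" or (tag == "user" and qualifier != "")
        if mask is not None and masked:
            perms = "".join(c if c == m else "-" for c, m in zip(perms, mask))
        result[f"{tag}:{qualifier}"] = perms
    return result

if __name__ == "__main__":
    print(effective(parse_getfacl(PAGE_OUTPUT)))
    # Constructed variant: the same ACL with the mask reduced to r-x.
    tightened = PAGE_OUTPUT.replace("mask::rwx", "mask::r-x")
    print(effective(parse_getfacl(tightened)))
```

With the mask reduced to `r-x`, the `user:userman:rwx` entry stays in the ACL but userman can no longer write to the directory, which is why an ACL review should read the mask together with the named entries.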
