Friday, December 10, 2010

Linux security: Linux ACL experience

Experience 3: default ACLs on directories

If we want every file newly created in a directory to automatically carry the same predefined ACL, we can use a default ACL.

Once a default ACL is set on a directory, every file created in that directory automatically inherits the directory's default ACL as its own access ACL. This is done with the -d option of setfacl:

    [root@FC3-vm mnt]# setfacl -d --set g:testg1:rwx dir1
    [root@FC3-vm mnt]# getfacl dir1
    # file: dir1
    # owner: root
    # group: root
    user::rwx
    group::r-x
    other::r-x
    default:user::rwx
    default:group::r-x
    default:group:testg1:rwx
    default:mask::rwx
    default:other::r-x

We can see that the default ACL has been set. Now create a file to try it out:

    [root@FC3-vm mnt]# touch dir1/file1
    [root@FC3-vm mnt]# getfacl dir1/file1
    # file: dir1/file1
    # owner: root
    # group: root
    user::rw-
    group::r-x                      #effective:r--
    group:testg1:rwx                #effective:rw-
    mask::rw-
    other::r--

file1 automatically inherited the ACL entry for testg1 that was set on dir1. It is only because of the mask entry that testg1 ends up with effective rw- permissions: touch requests mode 0666, and when an object is created under a default ACL the owner, mask and other entries are ANDed with the corresponding bits of the requested mode (the umask is not applied), so the default mask rwx becomes rw- and caps every named-user, named-group and owning-group entry.

Experience 4: backing up and restoring ACLs

The key file-operation commands cp and mv support ACLs, but cp must be given the -p option to preserve them. tar and other common backup tools of that time did not retain the ACL information of directories and files (newer GNU tar releases can store it with --acls). If you want to back up and restore files and directories together with their ACLs, you can save the ACLs to a file with getfacl and later apply that saved information with the --restore option of setfacl:

    [root@FC3-vm mnt]# getfacl -R dir1 > dir1.acl
    [root@FC3-vm mnt]# ls -l dir1.acl
    -rw-r--r--  1 root root 310 Dec 12 21:10 dir1.acl

Paths in dir1.acl are relative to the directory where getfacl was run (getfacl strips a leading slash unless given -p/--absolute-names), so setfacl --restore must be run from the same place. We use the -b option to delete all the extended ACL entries, simulating files and directories restored from a backup that lost them:

    [root@FC3-vm mnt]# setfacl -R -b dir1
    [root@FC3-vm mnt]# getfacl -R dir1
    # file: dir1
    # owner: root
    # group: root
    user::rwx
    group::r-x
    other::r-x

    # file: dir1/file1
    # owner: root
    # group: root
    user::rw-
    group::r--
    other::r--

Now we recover the deleted ACL information from dir1.acl:

    [root@FC3-vm mnt]# setfacl --restore dir1.acl
    [root@FC3-vm mnt]# getfacl -R dir1
    # file: dir1
    # owner: root
    # group: root
    user::rwx
    group::r-x
    other::r-x
    default:user::rwx
    default:group::r-x
    default:group:testg1:rwx
    default:mask::rwx
    default:other::r-x

    # file: dir1/file1
    # owner: root
    # group: root
    user::rw-
    group::r-x                      #effective:r--
    group:testg1:rwx                #effective:rw-
    mask::rw-
    other::r--

Closing remarks

The introduction of ACLs makes large-scale, complex permission management easy to implement on Linux; for a partition that stores user home directories, this allows much more efficient administration. But we have also seen the weakness of the backup utilities: Fedora Core 2 began to include star, a backup tool that supports ACLs, although it was still an alpha version. The number of ACL entries a single file can hold also differs between filesystems: ext2 and ext3 support only 25 ACL entries per file, while ReiserFS and JFS support more than 8,000. The ext* filesystems still need strengthening in this respect. No matter how complex a system is, filesystem permission management is its most basic element; ACL support on Linux is a management tool for systems with large user populations, and it gives Linux a further boost in large-scale enterprise deployments.

Original link: http://www-128.ibm.com/developerworks/cn/linux/l-acl/index.html#autor
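The two experiments above can be modelled offline. The following Python script is an added example, not code from the original article or from IBM developerWorks: it parses getfacl's text format (the same format `getfacl -R` writes and `setfacl --restore` reads), applies the mask the way the kernel does to reproduce the `#effective:` annotations, and simulates how a new file inherits dir1's default ACL for a given create mode. It goes slightly beyond the article by also covering mkdir (mode 0777) and the case of a directory with no default ACL, where the classic umask rule applies. The getfacl block embedded in it is constructed to match the dir1 listing above; the entry representation and function names are the example's own.

```python
"""Worked model of Linux POSIX ACL inheritance and the mask, in getfacl's text format.

Added example (not from the original article): it reproduces the dir1/file1 scenario
offline, without needing setfacl/getfacl or an ACL-capable filesystem.
"""
from typing import Dict, List, Tuple

Entry = Tuple[str, str, str]  # (tag, qualifier, perms), e.g. ("group", "testg1", "rwx")

# Constructed sample: getfacl output for dir1 after `setfacl -d --set g:testg1:rwx dir1`.
SAMPLE_DIR1 = """\
# file: dir1
# owner: root
# group: root
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:testg1:rwx
default:mask::rwx
default:other::r-x
"""


def perms_to_bits(perms: str) -> int:
    return sum(v for ch, v in zip(perms, (4, 2, 1)) if ch != "-")


def bits_to_perms(bits: int) -> str:
    return "".join(ch if bits & v else "-" for ch, v in zip("rwx", (4, 2, 1)))


def parse_getfacl(text: str) -> Tuple[List[Entry], List[Entry]]:
    """Split one getfacl(1) file block into (access ACL, default ACL) entries."""
    access, default = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drops '# file:' headers and '#effective:' notes
        if not line:
            continue
        is_default = line.startswith("default:")
        if is_default:
            line = line[len("default:"):]
        tag, qualifier, perms = line.split(":")
        (default if is_default else access).append((tag, qualifier, perms))
    return access, default


def effective(entries: List[Entry]) -> Dict[str, str]:
    """Apply the mask as the kernel does (acl(5)): named users, named groups and the
    owning group are limited by the mask entry; owner and other are not."""
    mask = next((p for t, _, p in entries if t == "mask"), None)
    result = {}
    for tag, qualifier, perms in entries:
        masked = tag == "group" or (tag == "user" and qualifier != "")
        if mask is not None and masked:
            perms = bits_to_perms(perms_to_bits(perms) & perms_to_bits(mask))
        result[f"{tag}:{qualifier}"] = perms
    return result


def inherit(default_acl: List[Entry], create_mode: int, umask: int = 0o022) -> List[Entry]:
    """Compute the access ACL a new object gets when created in a directory.

    With a default ACL it is copied, then the owner, mask (or owning group if there
    is no mask) and other entries are ANDed with the matching bits of create_mode;
    the umask is ignored. Without a default ACL the classic mode & ~umask applies."""
    owner, group, other = (create_mode >> 6) & 7, (create_mode >> 3) & 7, create_mode & 7
    if not default_acl:
        mode = create_mode & ~umask
        return [("user", "", bits_to_perms((mode >> 6) & 7)),
                ("group", "", bits_to_perms((mode >> 3) & 7)),
                ("other", "", bits_to_perms(mode & 7))]
    has_mask = any(t == "mask" for t, _, _ in default_acl)
    access = []
    for tag, qualifier, perms in default_acl:
        bits = perms_to_bits(perms)
        if tag == "user" and qualifier == "":
            bits &= owner
        elif tag == "mask" or (tag == "group" and qualifier == "" and not has_mask):
            bits &= group
        elif tag == "other":
            bits &= other
        access.append((tag, qualifier, bits_to_perms(bits)))
    return access


def render_for_restore(path: str, owner: str, group: str,
                       access: List[Entry], default_acl: List[Entry]) -> str:
    """Emit one block in the format `getfacl -R` writes and `setfacl --restore` reads."""
    lines = [f"# file: {path}", f"# owner: {owner}", f"# group: {group}"]
    lines += [f"{t}:{q}:{p}" for t, q, p in access]
    lines += [f"default:{t}:{q}:{p}" for t, q, p in default_acl]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    _, dir_default = parse_getfacl(SAMPLE_DIR1)
    file_acl = inherit(dir_default, 0o666)  # what `touch dir1/file1` requests
    for key, perms in effective(file_acl).items():
        print(f"{key:<14} {perms}")
    print(render_for_restore("dir1/file1", "root", "root", file_acl, []))
```

Running the script prints the same effective permissions getfacl showed for file1 (group::r-x capped to r--, group:testg1:rwx capped to rw-), and `inherit(dir_default, 0o777)` shows why a subdirectory created with mkdir keeps the full rwx mask while a regular file does not.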
