Experience the basic 1-ACL: Add and modify my first create a file as an object implementing ACL: root @ FC3-vm mnt] # touchile1root @ FC3-vm mnt] # ls-lile1-rw-r--r--1rootroot7Dec1100: 28file1 and then look at this file, the default ACL, then this file in addition to the usual UGO's permission, and no ACL: root @ FC3-vm mnt] # getfaclile1 # file: ile1 # owner: root # group: rootuser:: rw-group:: r--other:: r-* Note: even if the ACL is not supported, the getfacl still returns a result.
However setfacl is unable to work. The following add several users and groups, for a moment I will use the ACL gives them different permissions: root @ FC3-vm mnt] # groupaddtestg1root @ FC3-vm mnt] # useraddtestu1root @ FC3-vm mnt] # useraddtestu2root @ FC3-vm mnt] # usermod-Gtestg1testu1 now we look at what you can do: testu1 root @ FC3-vm mnt] # sutestu1testu1 @ FC3-vm mnt] $ echo "testu1" > > ile1bash: file1: Permissiondenied failed. Because file1 does not allow the addition of a user other than root. We will now modify the ACL gives file1 testu1 sufficient permissions: root @ FC3-vm mnt] # setfacl-mu: testu1: rwile1root @ FC3-vm mnt] # sutestu1testu1 @ FC3-vm mnt] $ echo "testu1" > > ile1testu1 @ FC3-vm mnt] $ catile1testu1 modify succeeded, the user can do on testu1 file1 read and write operations. Let's take a look at the ACL file1: testu1 @ FC3-vm mnt] $ getfaclile1 # file: ile1 # owner: root # group: rootuser:: rw-user: testu1: rw-group:: r--mask:: rw-other:: r-our ls look: root @ FC3-vm mnt] # ls-lile1-rw-rw-r--+ 1rootroot7Dec1100: 28file1 can see the "+"? as often we see next to the permission bits. This statement sets the ACL file1, next we modify it testu1, while to the group to read testg1: root @ FC3-vm mnt] # setfacl-mu: testu1: rwx, g:testg1: rile1root @ FC3-vm mnt] # getfaclile1 # file: ile1 # owner: root # group: rootuser:: rw-user: testu1: rwxgroup:: r--group: testg1: r--mask:: rwxother:: r-
No comments:
Post a Comment