Linux特殊的文件控制权限FACL
对文件设置特殊的权限,FACL(File Access Control List)
ACL简介
基本ACL操作
getfacl 查看文件权限 setfacl 设定acl权限
设置file的ACL权限
[root@mvpbang tmp]# setfacl -m u:ftp:rwx 1.sh [root@mvpbang tmp]# [root@mvpbang tmp]# ll 1.sh -rw-rwxr--+ 1 ftp ftp 67 Sep 17 16:12 1.sh #文件详情多个+ [root@mvpbang tmp]# getfacl 1.sh # file: 1.sh # owner: ftp # group: ftp user::rw- user:ftp:rwx #多个附属的ftp的权限 group::r-- mask::rwx other::r--
setfacl命令参数
[root@mvp tmp]# setfacl -h setfacl 2.2.49 -- set file access control lists Usage: setfacl [-bkndRLP] { -m|-M|-x|-X ... } file ... -m, --modify=acl modify the current ACL(s) of file(s) -M, --modify-file=file read ACL entries to modify from file -x, --remove=acl remove entries from the ACL(s) of file(s) -X, --remove-file=file read ACL entries to remove from file -b, --remove-all remove all extended ACL entries -k, --remove-default remove the default ACL --set=acl set the ACL of file(s), replacing the current ACL --set-file=file read ACL entries to set from file --mask do recalculate the effective rights mask -n, --no-mask don't recalculate the effective rights mask -d, --default operations apply to the default ACL -R, --recursive recurse into subdirectories -L, --logical logical walk, follow symbolic links -P, --physical physical walk, do not follow symbolic links --restore=file restore ACLs (inverse of `getfacl -R') --test test mode (ACLs are not modified) -v, --version print version and exit -h, --help this help text