1 ) To check if your ext4 filesystem has the proper default options, use tune2fs as below :
------------------------------------------------------------------------------------------------------------------------
a) give user bob read+write+execute on a file:
----------------------------------------------------------------------------------------------------------------------------------------
5)remove bob's ACL permissions:
-------------------------------------------------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------------------------------------
# tune2fs -l /dev/sdb1
--------------------------------------------------------------------------------------
2 ) To enable ACLs on a filesystem, we must set the fs default and remount:
-------------------------------------------------------------------------------------------
# tune2fs -o acl /dev/sdb1 # mount -o remount,acl /data1
-------------------------------------------------------------------------------------------
3) Use getfacl to view ACLs:
-------------------------------------------------------------
# touch /data1/foo.txt
# getfacl /data1/foo.txt
-------------------------------------------------------------
4) Use setfacl to set ACLs, with -m to modify and -x to remove a given ACL. a) give user bob read+write+execute on a file:
----------------------------------------------------------------------------------------------------------------------------------------
#setfacl -m u:bob:rwx /data1/foo.txt
b)give group peeps read+write on a file:
#setfacl -m g:peeps:rw /data1/foo.txt--------------------------------------------------------------------------------------------------------------------------------------
5)remove bob's ACL permissions:
-------------------------------------------------------------------------------------------------------------------------------------
#setfacl -x u:bob /data1/foo.txt
-----------------------------------------------------------------------------------------------
6)setfacl permission to directory
------------------------------------------------------------------------------------------------
#setfacl -m d:g:peeps:rw /data1/stuff/
----------------------------------------------------------------------------------------------
7) revoke write permission for everyone:
---------------------------------------------------------------------------------------------------
#setfacl -m m::rx /data1/foo.txt
-------------------------------------------------------------------------------------------------
8) When ACLs are present, an ls -l will show a plus sign to notify you:
--------------------------------------------------------------------------------------------------
# ls -l /data1/foo.txt -rw-rwxr--+ 1 root root 0 Dec 3 14:54 /data1/foo.txt--------------------------------------------------------------------------------------------------------------------------------------
No comments:
Post a Comment