Windows system is similar to Linux system, Windows system files, directory properties are read-only, hidden, and Linux is the same.
In Linux, every file has specific properties. It mainly includes two aspects: file type and file permission. There are five different types: normal files, catalog files, linked files, device files, and pipe files.
The so-called file permissions refer to access rights to files, including reading, writing, deleting, and executing files. Linux is a multi-user operating system that allows multiple users to log in and work at the same time. So Linux associates a file or directory with a user or group. The Access Control List (ACL) provides better access control for computers. It is used to restrict access to files, resources, or sockets for all users, including the root user. Here's how to set up a simple setup method.
Step 1 Check the system core
First check if the core of your Linux system has ACL support. Because the Linux system does not have the ability to support ACLs at the core of every version, the easiest way is to check whether the current core of the system can support:
[root@mail /]# cat /boot/config -kernel-version |
Grep -i ext3
CONFIG_EXT3_FS=m
CONFIG_EXT3_IDEX=y
CONFIG_EXT3_FS_XATTR_SHARING=y
CONFIG_EXT3_FS_XATTR_USER=y
CONFIG_EXT3_FS_XATTR_TRUSTED=y< Br>
CONFIG_EXT3_FS_ACL=y
If you can see the above items, it means that it has been compiled into the kernel. The ext3 file system already supports the ACL function. These functions can be found in the compile kernel options. . If you can't find it at compile time, you can go to the ACL's official website to install Kernel (acl.bestbits.at/).
Step 2 Mounting the partition
You can mount the partition and enable the ACL in the following ways:
#mount -t ext3 -o acl /dev/sda1 /fs1
You can also write directly in the /etc/fstab file so that you can support ACL after booting:
#vi /etc/fstab
Step 3 ACL Permissions
ACLs are often set up for individual users. Here are a few different examples:
For example, you need to create test1, test2, and test3 users. You can log in to the system as root first. Then execute the following command to create three usernames and passwords respectively:
[root@mail root]#adduser test1
[root@mail root]#adduser test2
[ ,null,null,3],Root@mail root]#adduser test3
[root@mail root]#passwd test1
[root@mail root]#passwd test2
[root@mail root] #passwd test3
Then mount an ext3 file to the directory /fs1:
[root@mail root]#mount -t ext3 -o acl /dev/sda1 /fs1
Set the file created by test1 to read and write Permissions for test2 :
[root@mail root]#chmod -R 777 /fs1
Allow all users to add files to the directory:
Log in to the system with test1 and execute the command:
[test1@mail test1]# cd /fs1
[test1@mail fs1]# echo "Create by test1" > test1.txt< Br>
[test1@mail fs1]# chmod go-r test1.txt
[test1@mail fs1]# ll test1.txt
-rw------ - 1 test1 test1 17 Jul 14 22:11 test1.txt
The following operations can be used to save test1.txt permissions (except root) except for the read and write permissions of test1. Test2 After logging in to the system, execute the following command:
[test2@mail test2]# cd /fs1
[test2@mail fs1]# cat test1.txt
cat : test1 .txt Permission denied
Then log in to the system with test1 and execute the following command:
[test1@mail fs1]# setfacl -mu:test2:rw test1.txt
Modifying permissions allows test2 to have read and write access to this file. Let's take a look at the changes in its file attributes:
[test1@mail fs1]# ll
-rw-rw-r--+ 1 test1 test1 10 Feb 16 13:52 test1. Txt
will see an additional "+", indicating that the file uses the ACL attribute settings, and then use the command getfacl to view the ACL file attribute settings:
[test1@ Mail fs1]# getfacl test1.txt
# file: test1.txt
# owner: test1
# group: test1
user::rw -
user:test2:rw-
group::rw-
mask::rw-
other::r--
You can see that test2 has permission to read and write this file.
We use test2 to log in to the system and execute the following command to see what happened?
[test2@mail test2]# cd /fs1
[test2@mail fs1]# cat test1.txt
Create by test1
Original test2 You can read the test1.txt file.
[test2@mail fs1]# echo "Modify by test2" >> test1.txt
[test2@mail fs1]# cat test1.txt
Create by test1
Modify by test2
Now test2 can also modify the test1.txt file.
Then log in to the system with test3:
[test3@mail test3]# cd /fs1
[test3@mail fs1]# cat test1.txt
cat : test1.txt Permission denied
嘿嘿, except for test1, test2, no other user has permission to read and write test1.txt (except root).
Although watching it is a little dizzy, in fact, the command is such one or two, mainly to explain the situation to everyone, so that everyone will find in Linux, compared to the vulnerable Windows permissions protection Linux is doing quite well!
Some users who use WinXP system often need to copy or move files in their work, but
How to burn CD files in WinXP system? I think there must be users who dont know abo
WinXP computer will enter screen saver mode when it is not used for a long time. If
According to foreign media reports, on Tuesday, Microsoft released two security patches to fix three
WinXP system prompts did not find iertutil.dll how to do?
How to quickly open shared documents
Cleverly improve the speed of XP access to LAN shared files
How to solve the problem of WinXP computer boot prompts on the network
Repair method of blue screen when playing the Hearthstone in XP system
WinXP League of Legends can not open the solution
How does WinXP turn off the driver firewall? How to turn off the firewall
Tips: Vista and WinXP share system resources
Solving Windows XP printers can't share puzzles
Windows operating system desktop often solves the problem
WinXP notebook how to eliminate the sound card does not support the fault of the mixing function
Win8 does not pop up a detailed solution for prompting windows when deleting files
QQ message sound under Windows 7 causes the resolution of playing movies and music to be reduced
Win2K Terminal Service experience
Play Windows XP built-in voice input software
Windows7 provides three power mode notebook cooling methods
Steps for setting up automatic broadband connection/dial-up access under Win10 system
Linux System Bash Vulnerability Fixing Method
I want you to look good! Making a photo album with Win 7 does not lose a large movie