[root@szb ~]# setfacl -m u:zwx:rw-test
Error: setfacl: Option -m: Invalid argument near character 3
Reason: zwx user does not exist, create or specify an existing user as the operation target
Workaround:
[root@szb ~]# setfacl -Rm u:root:rw-test
[root@szb ~]# getfacl test
# file: test
# owner: root
# group: root
user::rw-
user:root:rw-
group::r--
mask::rw-
other::r--
One, setfacl command
setfacl command – set file ACL rules
setfacl (set file access control list), that is, "set file access control list".
The assignment of permissions can be controlled more precisely, such as allowing a user to have certain permissions on a certain file.
parameter |
meaning |
-R |
–recursive recursively operate on subdirectories |
-m |
–modify-acl change file access control list |
-x |
–remove=acl removes entries from the access control list in the file |
[root@szb ~]# setfacl -Rm u:root:rw-test
[root@szb ~]# getfacl test
# file: test
# owner: root
# group: root
user::rw-
user:root:rw- # added here, no default
group::r--
mask::rw- # added here, no default
other::r--
Second, getfacl command
getfacl command – displays the ACL policy of a file or directory
[root@szb ~]# getfacl shell_17/
# file: shell_17/
# owner: root
# group: root
user::rwx
group::r-x
other::r-x
parameters |
definition |
-c |
Do not display comment title |
-t |
Use tabular output format |
-R |
recurse into subdirectories |
-a |
show file ACL |
-e |
show all effective permissions |
-n |
show user UID and group GID |
[root@szb ~]# getfacl -t shell_17/
# file: shell_17/
USER root rwx
GROUP root r-x
other r-x