[root@szb ~]# setfacl -m u:zwx:rw-test Error: setfacl: Option -m: Invalid argument near character 3 Reason: zwx user does not exist, create or specify an existing user as the operation target
Workaround:
[root@szb ~]# setfacl -Rm u:root:rw-test [root@szb ~]# getfacl test # file: test # owner: root # group: root user::rw- user:root:rw- group::r-- mask::rw- other::r--
One, setfacl command
setfacl command – set file ACL rules setfacl (set file access control list), that is, "set file access control list". The assignment of permissions can be controlled more precisely, such as allowing a user to have certain permissions on a certain file.
| parameter | meaning |
|---|---|
| -R | –recursive recursively operate on subdirectories |
| -m | –modify-acl change file access control list |
| -x | –remove=acl removes entries from the access control list in the file |
[root@szb ~]# setfacl -Rm u:root:rw-test [root@szb ~]# getfacl test # file: test # owner: root # group: root user::rw- user:root:rw- # added here, no default group::r-- mask::rw- # added here, no default other::r--
Second, getfacl command
getfacl command – displays the ACL policy of a file or directory [root@szb ~]# getfacl shell_17/ # file: shell_17/ # owner: root # group: root user::rwx group::r-x other::r-x
| parameters | definition |
|---|---|
| -c | Do not display comment title |
| -t | Use tabular output format |
| -R | recurse into subdirectories |
| -a | show file ACL |
| -e | show all effective permissions |
| -n | show user UID and group GID |
[root@szb ~]# getfacl -t shell_17/ # file: shell_17/ USER root rwx GROUP root r-x other r-x