

Traditional UNIX file protection provides read, write, and execute permissions for the three user classes: file owner, file group, and other. An ACL provides better file security by enabling you to define file permissions for the file owner, file group, other, specific users and groups, and default permissions for each of those categories.

For example, if you wanted everyone in a group to be able to read a file, you would simply give group read permissions on that file. Now, assume you wanted only one person in the group to be able to write to that file. Standard UNIX doesn't provide that level of file security. However, this dilemma

ACL entries are the way to define an ACL on a file, and they are set through the setfacl(1) command. ACL entries consist of the following fields

entry_type: Type of ACL entry on which to set file permissions. For example, entry_type can be user (the owner of a file) or mask (the ACL mask).

perms: Represents the permissions that are set on entry_type. perms can be indicated by the symbolic characters rwx or a number (the same permissions numbers used with the chmod command).

The following example shows an ACL entry that sets read/write permissions for the user nathan.

UFS file system attributes such as ACLs are supported in UFS file systems only. This means that if you restore or copy files with ACL entries into the /tmp directory, which is usually mounted as a TMPFS file system, the ACL entries will be lost. Use the /var/tmp directory for temporary storage of UFS files.

The table below lists the valid ACL entries. The first three ACL entries provide the basic UNIX file protection.

Permissions for users other than the file owner or members of the file group.

The mask entry indicates the maximum permissions allowed for users (other than the owner) and for groups. The mask is a quick way to change permissions on all the users and groups. For example, the mask:r-- mask entry indicates that users and groups cannot have more than read permissions, even though they might have write/execute permissions.

For uid, you can specify either a user name or a numeric UID.

For gid, you can specify either a group name or a numeric GID.

In addition to the ACL entries described in Table 17-8, you can set default ACL entries on a directory. Files or directories created in a directory that has default ACL entries will have the same ACL entries as the default ACL entries. The table below lists the default ACL entries.

When you set default ACL entries for specific users and groups on a directory for the first time, you must also set default ACL entries for the file owner, file group, others, and the ACL mask (these are required and are the first four default ACL entries in the table below).

Table 17-9 Default ACL Entries for Directories

Default permissions for users other than the file owner or members of the file group.

Default permissions for a specific user.
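The mask rule described above (the mask caps the permissions of specific users and of groups, but not of the file owner) is worked through here as an added Python example; it is not from the original guide. The sample entries are constructed, and the group name staff and all function names are assumptions.

```python
PERM_BITS = {"r": 4, "w": 2, "x": 1}

def parse_perms(perms):
    """Accept symbolic 'rw-' or a chmod-style digit such as '6'; return 0-7."""
    if perms.isdigit():
        value = int(perms, 8)
        if value > 7:
            raise ValueError(f"permission number out of range: {perms!r}")
        return value
    if len(perms) != 3:
        raise ValueError(f"expected three rwx characters: {perms!r}")
    value = 0
    for ch, expected in zip(perms, "rwx"):
        if ch == expected:
            value |= PERM_BITS[ch]
        elif ch != "-":
            raise ValueError(f"bad permission character {ch!r} in {perms!r}")
    return value

def to_symbolic(bits):
    return "".join(c if bits & PERM_BITS[c] else "-" for c in "rwx")

def parse_entry(entry):
    """Split an ACL entry into (entry_type, uid_or_gid, permission bits)."""
    parts = entry.split(":")
    if len(parts) == 2:          # e.g. mask:r-- or other:r--
        return parts[0], "", parse_perms(parts[1])
    if len(parts) == 3:          # e.g. user::rwx or user:nathan:rw-
        return parts[0], parts[1], parse_perms(parts[2])
    raise ValueError(f"malformed ACL entry: {entry!r}")

def effective_acl(entries):
    """Map (entry_type, uid_or_gid) to the permissions left after the mask."""
    parsed = [parse_entry(e) for e in entries]
    masks = [bits for etype, _, bits in parsed if etype == "mask"]
    mask = masks[0] if masks else 7   # assumption: no mask entry means no cap
    result = {}
    for etype, who, bits in parsed:
        if etype == "mask":
            continue
        # The mask limits groups and users other than the owner (user::).
        capped = etype == "group" or (etype == "user" and who != "")
        result[(etype, who)] = to_symbolic(bits & mask if capped else bits)
    return result

if __name__ == "__main__":
    # Constructed sample ACL: nathan is granted rw-, but mask:r-- caps it.
    sample = ["user::rwx", "group::rw-", "other:r--", "mask:r--",
              "user:nathan:rw-", "group:staff:7"]
    for key, perms in effective_acl(sample).items():
        print(key, perms)
```

When auditing a file, compare each granted entry with its effective value: a user entry that looks like rw- may grant only read access once the mask is applied.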
