Home PC Games Linux Windows Database Network Programming Server Mobile  
           
  Home \ Linux \ Linux ACL permissions     - How to Install Android Studio on Ubuntu 15.04 / CentOS7 (Linux)

- Win7 used Eclipse to connect the virtual machine in Ubuntu Hadoop2.4 (Server)

- Ubuntu 10.04 to Ubuntu 10.10 Upgrade (Linux)

- CentOS RedHat YUM Source Extensions Supplement (including 32-bit, 64-bit) (Linux)

- Terminal multiplexing tool tmux use (Linux)

- Linux process scheduling opportunity (Programming)

- Search Linux commands and files - which, whereis, locate, find (Linux)

- Hadoop 2.6.0 stand-alone / pseudo-distributed installation (Server)

- OpenStack package problems and solutions under CentOS6 (Linux)

- Large computer network security policy Experience (Linux)

- Ubuntu users to install Xtreme Download Manager (Linux)

- using the ssh command to check the socket / Network Connections (Linux)

- Use chattr and lsattr command to manage linux files and directory attributes (Linux)

- How to protect the Apache website under Linux system (Linux)

- ORA-00824: can not set sga_target due to existing problem-solving (Database)

- Ubuntu 14.04 install the NVIDIA driver + CUDA + MATLAB (Linux)

- Oracle capability i / o (stress test database server i / o performance) (Database)

- The bulk batch multiple rows of data collect (Database)

- Production environment Linux bonding method standby mode slave card switch (Server)

- Based shell: using read, the command-line script to achieve mass participation and input two integer calculation (Programming)

 
         
  Linux ACL permissions
     
  Add Date : 2018-11-21      
         
         
         
  1.ACL (Access Control List) for a single user can be a single file or directory to r, w, x's permission specification. ACL mainly for the following aspects to control permissions:

1): Can for users. To set permissions

2) Groups: For groups object to set its permissions

3) default properties: You can also create a new file in for the directory, when the directory specification data default permissions

2.ACL traditional Unix-Like operating systems support additional projects, and therefore must have a file system ACL support for the job. At present, most file systems support ACL features, including ReiserFS, EXT2 / EXT3, JFS, XFS, etc.

3. Start acl method:

1) mount -o remount, acl /: only valid in this, but a virtual machine test is invalid

2) to directly modify / etc / fstab, after the first record defaults plus ", acl"

4.setfacl [-bkRd] [{- m | -x} acl parameter] destination file name: obtain a file or directory ACL set project parameters,

1) -m: After setting the parameters for subsequent acl file to use, can not be combined with the -x

2) -x: Delete the subsequent acl parameters can not be combined with -m

3) -b: Remove all ACL set parameters

4) -k: Remove the default ACL parameters

5) -R: recursively set acl, that is including this directory will be set up

6) -d: set the "default acl parameter" means only valid for the directory, the directory in the new data will refer to this default.

7) for a particular user mode u: [User List]: [rwx]

5.getfacl filename: acl get file permissions, setfacl parameters substantially identical

6.su [-lm] [- c command] [username]: Switch User, parameters,

1) - Username: Simple to use - such as "su -" representatives to use login-shell variable file read mode to log into the system (that is, the parameters set by the user reads the login related files and modify the current environment variables ), if not add a user name, it represents the switch to the root.

2) -l: and - similar, but later need to add To switch to the user's account

3) -m: -m and -p is the same, that "the use of the current environment settings without reading a new user profile

4) -c: instruction only once, so the back can add -c command

7.sudo [-b] [- u New User]: Enter the user's password without having to switch the case to switch accounts, this method is relatively safe

1) -b: the subsequent instruction into the background enables the system to perform without affecting the current shell

2) -u: To switch back can take the user Without this option represents the switching status is root, it can be directly connected to the back of the instruction

The default command can be executed only root, to perform, you need to modify / etc / sudoers, can modify the document by visudo command

8.visudo: Setting sudo pass, make account sudo command can be executed only to find the root of that line, and then imitate the bottom line in a new row, place the root modification specified account, the value of the line: root ALL = (ALL) ALL, meaning four components of the line are:

1) system which accounts can use the sudo command, the default is root

2) When there is this account which connect to the host portion of the Linux host, which means this account which may be online by the host computer over a network, this setting can specify that the client computer (trusted users). The default root may be from any one network host

3) this account can be switched into what identity issued subsequent instruction, the default root can switch to any person

4) You can use this identity issued what instructions? Always use this command to write the absolute path. You can switch any preset root identity and the meaning of any instruction

By User_Alias, Cmnd_Alias were set user list and a list of instructions to achieve the purpose of batch processing

sudo command in the two time intervals of not more than five minutes, the second instruction is executed without entering the password again

9.w, who: view the current user login system, wherein w information than the whole thing, you can view the load balancing and other relevant information, and who only a user name, terminal information and session length

10.lastlog: only root can use the identity command to read / var / log / lastlog file

11.write recipient account [the user's terminal interface]: then the content, use the instructions can log into the system account with the current conversation.

12.mesg [yn]: Use this instruction may accept or reject the user through the information sent to write, but can not refuse root information sent, where y represents the reception, n refused

13.wall messge: The instruction can send a message to all logged account.
     
         
         
         
  More:      
 
- Linux ban single-user mode to enhance system security (Linux)
- Hadoop safe hftp (Server)
- Ubuntu install Scala 2.10.x version (Linux)
- shell script: a key to install LAMP, LNMP script (Server)
- On the Web application attack techniques Common (Linux)
- To install and use the Doxygen under Linux (Linux)
- linux network security experience (Linux)
- File easier to compare tools under Linux (Linux)
- Oracle RAC node on the expulsion of the inspection process on OEL6.3 (Database)
- How to make GRub instead of the default Ubuntu software center (Linux)
- Python format string (Programming)
- Oracle 11g to create a second instance on Linux (Database)
- Make Linux more secure server tips (Linux)
- Java synchronization mechanism used in locking Thought (Programming)
- To learn linux security (Linux)
- Lambda expressions of evolution (Programming)
- Linux kernel VLAN study notes (Programming)
- Linux Hard Disk Partition and file system management (Linux)
- Enterprise-class GitHub warehousing environment build (Server)
- CentOS7 compile and install Tengine + PHP + MariaDB notes (Server)
     
           
     
  CopyRight 2002-2020 newfreesoft.com, All Rights Reserved.