Linux command
ntfs-3g.secaudit 命令
安全
权限或系统影响较大,执行前请核对目标。
常用示例
Audit all security data
sudo ntfs-3g.secaudit -ar [/dev/sda1]
Display permissions
sudo ntfs-3g.secaudit [/dev/sda1] [/path/to/directory]
Recursively display permissions
sudo ntfs-3g.secaudit -r [/dev/sda1] [/path/to/directory]
Backup ACLs
sudo ntfs-3g.secaudit -b [/dev/sda1] [/path] > [backup.txt]
Restore ACLs
sudo ntfs-3g.secaudit -s [/dev/sda1] < [backup.txt]
Get a user mapping proposal
sudo ntfs-3g.secaudit -u [/dev/sda1] [/path/to/windows/file]
说明
ntfs-3g.secaudit displays the ownership and permissions of files on an NTFS file system and checks their consistency. It can audit security data, backup and restore ACLs, and propose user mappings. The volume must be unmounted and the command must be run as root.
参数
- -a
- Audit all global security data on the volume. Combine with -r to also scan all files and directories.
- -b
- Recursively extract NTFS ACLs to standard output for backup purposes.
- -s
- Set NTFS ACLs from a backup file or standard input. Combine with -e to also restore extra parameters (Windows attrib).
- -e
- Used with -s to set extra backed-up parameters.
- -r
- Recurse into subdirectories. With -a, checks file relations to global security data.
- -u
- Display a proposed user mapping file based on Windows ownership of a mounted file.
- -h _file_
- Display hexadecimal security descriptors from a saved file in human-readable form.
- -v
- Verbose output. Use twice for very verbose output.
FAQ
What is the ntfs-3g.secaudit command used for?
ntfs-3g.secaudit displays the ownership and permissions of files on an NTFS file system and checks their consistency. It can audit security data, backup and restore ACLs, and propose user mappings. The volume must be unmounted and the command must be run as root.
How do I run a basic ntfs-3g.secaudit example?
Run `sudo ntfs-3g.secaudit -ar [/dev/sda1]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does -a do in ntfs-3g.secaudit?
Audit all global security data on the volume. Combine with -r to also scan all files and directories.