Linux command
setfacl 命令
文件
复制后可按需替换文件名、目录或参数。
常用示例
Example
setfacl -m u:username:rw path/to/file
Example
setfacl -d -m u::rw path/to/directory
Remove
setfacl -x u:username path/to/file
Example
setfacl -b path/to/file
Example
setfacl -R -m u:username:rx path/to/directory
Copy
getfacl file1 | setfacl --set-file=- file2
Example
setfacl -m g:groupname:r path/to/file
说明
setfacl sets Access Control Lists (ACLs) of files and directories. ACLs provide fine-grained access control beyond the traditional Unix owner/group/other permission model, allowing specific permissions for individual users and groups.
参数
- -m, --modify
- Modify the ACL with the specified entries.
- -x, --remove
- Remove specified ACL entries.
- -M, --modify-file
- Read ACL entries to modify from a file.
- -X, --remove-file
- Read ACL entries to remove from a file.
- -b, --remove-all
- Remove all extended ACL entries.
- -k, --remove-default
- Remove the default ACL.
- -d, --default
- Apply operations to the default ACL.
- -n, --no-mask
- Do not recalculate the effective rights mask.
- --mask
- Force recalculation of the effective rights mask.
- -R, --recursive
- Apply operations recursively.
- -L, --logical
- Follow symbolic links to directories (with -R).
- -P, --physical
- Do not follow symbolic links (with -R).
- --restore=file
- Restore permissions from a getfacl backup.
- --test
- Test mode - list resulting ACLs without modifying.
FAQ
What is the setfacl command used for?
setfacl sets Access Control Lists (ACLs) of files and directories. ACLs provide fine-grained access control beyond the traditional Unix owner/group/other permission model, allowing specific permissions for individual users and groups.
How do I run a basic setfacl example?
Run `setfacl -m u:username:rw path/to/file` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does -m, --modify do in setfacl?
Modify the ACL with the specified entries.