Home >Operation and Maintenance >Linux Operation and Maintenance >How to configure high-availability permission management on Linux
How to configure high-availability permission management on Linux
In the Linux operating system, permission management is a very important and essential task. High-availability permission management prevents unauthorized users from accessing sensitive data, protecting system security and integrity. This article will introduce how to configure high-availability permission management on Linux, and use code examples to help readers better understand and practice.
1. Understand the Linux permission model
In Linux, each file and directory has a set of permissions to determine the user's access rights to it. There are three main categories of permissions: owner, group and others. The permissions of each category can be subdivided into three permissions: read (r), write (w) and execute (x). The numerical values corresponding to the permissions are 4, 2 and 1, which can be used in combination. For example, rwx (read, write, execute) corresponds to a digital permission value of 7, and r-x (read, do not write, execute) corresponds to a digital permission value of 5.
For example, we can use the following command to view the detailed permission information of a file:
$ ls -l file.txt -rw-r--r-- 1 user group 1024 Sep 30 10:00 file.txt
In the above output results, "-rw-r--r--" in the first column means File permissions. Among them, the first one represents the file type, the next three are the permissions of the owner, the next three are the permissions of users in the same group, and the last three are the permissions of other users.
2. Use Access Control List (ACL) to extend permission control
In Linux, Access Control List (ACL) is an extended permission control mechanism that can be used for specific users or user groups. Assign specified permissions. ACL can achieve more flexible and fine-grained permission control.
First, we need to ensure that the ACL toolkit is installed. On a Debian/Ubuntu system, you can use the following command to install:
$ sudo apt-get install acl
On a CentOS/RHEL system, you can use the following command to install:
$ sudo yum install acl
Next, we will demonstrate how to specify a user Grant read and write permissions to the file. Suppose we have a file file.txt
, and we want to grant read and write permissions to user john
.
First, the file system where the file is located needs to be mounted to support ACL. Find the partition where the file is located and use the following command to mount it:
$ sudo mount -o remount,acl /dev/sdaX /mnt
where /dev/sdaX
is the device name of the target partition and /mnt
is the mount point .
Then, you can use the following command to set the ACL for the file:
$ sudo setfacl -m u:john:rw file.txt
In the above command, -m
means modifying the ACL, u:john
means Add ACL for user john
, rw
indicates read and write permissions. Use the getfacl
command to view the ACL information of the file:
$ getfacl file.txt # file: file.txt # owner: user # group: group user::rw- user:john:rw- group::r-- mask::rw- other::r--
Among them, user::rw-
represents the owner's permissions, user:john:rw -
represents the permissions of user john
, group::r--
represents the permissions of users in the same group, mask::rw-
represents the maximum permissions, other::r--
indicates the permissions of other users.
To continue reading, please visit [https://linux.cn/article-12863-1.html](https://linux.cn/article-12863-1.html)
The above is the detailed content of How to configure high-availability permission management on Linux. For more information, please follow other related articles on the PHP Chinese website!