1.查看文件系统是否支持ACL (xfs文件系统强制开启ACL,如果该分区已格式化为xfs,在使用dumpe2fs会看不到superblocks信息)
zheng@ubuntu16:~$ sudo dumpe2fs -h /dev/sda1 | grep 'Defaultsmount'
dumpe2fs 1.42.13 (17-May-2015)
Default mount options: user_xattr acl
2.永久开启
$ vim /etc/fstab (defaults后加入acl)
UUID=7a9555d5-5f2c-4adb-aad4-21959de99acb /home ext4 defaults,acl 0 2
临时开启
$ sudo mount -o remount,acl /home
针对特定用户在某个目录开启ACL
3.设为acl控制目录
[zheng@localhost local]$ pwd
/usr/local
[zheng@localhost local]$ sudo setfacl -m u:zheng:rwx acl
[zheng@localhost local]$ touch acl/a.txt
[zheng@localhost local]$ ls acl/
a.txt
4.查看acl信息
[zheng@localhost local]$ getfacl /usr/local/acl/
getfacl: Removing leading '/' from absolute path names
# file: usr/local/acl/
# owner: root
# group: root
user::rwx
user:zheng:rwx
group::r-x
mask::rwx
other::r-x
5.设置继承 (加d参数)
$ setfacl -m d:[ug]:用户列表:[rwx] 目录名