1、在/data/testdir里创建的新文件自动属于g1组,组g2的成员如:alice能对这些新文件有读写权限,组g3的成员如:tom只能对新文件有读权限,其它用户(不属于g1,g2,g3)不能访问这个文件夹。
[root@localhost testdir]# groupadd g1 [root@localhost testdir]# groupadd g2 [root@localhost testdir]# groupadd g3 [root@localhost testdir]# mkdir -p /date/testdir [root@localhost testdir]# chmod 770 /date/testdir [root@localhost testdir]# chown :g1 /date/testdir [root@localhost testdir]# useradd -G g2 alice [root@localhost testdir]# useradd -G g3 tom [root@localhost testdir]# setfacl -Rm g:g2:rwx /date/testdir/ [root@localhost testdir]# setfacl -Rm g:g3:rx /date/testdir/ [root@localhost testdir]# getfacl /date/testdir/ getfacl: Removing leading '/' from absolute path names # file: date/testdir/ # owner: root # group: g1 user::rwx group::rwx group:g2:rwx //题目要求读写,没有x权限也不行 group:g3:r-x //题目要求读权限,如果没有x权限是不能读的 mask::rwx other::---
2、创建组sales,gid 3000,passwd:centos,sales admins:user2
将用户user1,user2,user3加入到sales辅助组
希望user1 创建新文件 默认的所属组为sales
user2将用户user3从sales组移除
删除sales,user1,user2
[root@localhost ~]# groupadd -g 3000 sales [root@localhost ~]# gpasswd sales Changing the password for group sales New Password: Re-enter new password: [root@localhost ~]# useradd -G sales user1 [root@localhost ~]# useradd -G sales user2 [root@localhost ~]# useradd -G sales user3 [root@localhost ~]# gpasswd -A user2 sales [root@localhost ~]# usermod -g sales user1 [root@localhost ~]# su - user1 [user1@localhost ~]$ touch user1.txt [user1@localhost ~]$ ls -l user1.txt -rw-r--r-- 1 user1 sales 0 Jul 25 12:28 user1.txt //查看user1创建文件默认属组为sales [user1@localhost ~]$ exit logout [root@localhost ~]# su user2 [user2@localhost root]$ gpasswd -d user3 sales Removing user user3 from group sales [user2@localhost ~]$ exit logout [root@localhost ~]# userdel -r user1 //删除用户 userdel: group user1 not removed because it is not the primary group of user user1. [root@localhost ~]# userdel -r user2 [root@localhost ~]# groupdel sales
原创文章,作者:Lii,如若转载,请注明出处:http://www.178linux.com/28428
