NFS 的“反向” fmask

Question

如果你可以强制umask用户，你至少可以知道文件将具有哪些权限论创作，但当然，没有什么可以阻止用户chmod事后运行。因此，我能想到两个（类似）选项，你可以使用以下方式“安排”权限更正incron


# apt-cache show incron
Package: incron
Version: 0.5.10-1
Installed-Size: 227
Maintainer: Emmanuel Bouthenot 
Architecture: amd64
Depends: libc6 (>= 2.8), libgcc1 (>= 1:4.1.1), libstdc++6 (>= 4.4.0), lsb-base (>= 3.2-14), adduser
Description-en: cron-like daemon which handles filesystem events
 incron is an "inotify cron" system. It works like the regular cron but is
 driven by filesystem events instead of time events. This package provides two
 programs, a daemon called "incrond" (analogous to crond) and a table
 manipulator "incrontab" (like "crontab").
 incron uses the Linux Kernel inotify syscalls.
 like cron, each user can edit its own incron tables.
 incron can be used to :
  - notifying programs (e.g. server daemons) about changes in configuration
  - guarding changes in critical files (with their eventual recovery)
  - file usage monitoring, statistics
  - automatic on-crash cleanup
  - automatic on-change backup or versioning
  - new mail notification (for maildir)
  - server upload notification
  - installation management (outside packaging systems)
  - ... and many others
Homepage: http://inotify.aiken.cz/

或者在后台运行自定义服务来“监听”inotify事件：


# apt-cache show inotify-tools
Package: inotify-tools
Version: 3.14-1
Installed-Size: 60
Maintainer: Ryan Niebur 
Architecture: amd64
Depends: libc6 (>= 2.8), libinotifytools0 (>= 3.11)
Description-en: command-line programs providing a simple interface to inotify
 inotify-tools is a set of command-line programs for Linux providing a
 simple interface to inotify. These programs can be used to monitor and
 act upon filesystem events. inotify-tools consists of two utilities:
 .
 inotifywait simply blocks for inotify events, making it appropriate
 for use in shell scripts.
 .
 inotifywatch collects filesystem usage statistics and outputs counts
 of each inotify event.
Homepage: https://github.com/rvoicilas/inotify-tools/wiki/

查看这里举个例子。

Answer 1

如果你可以强制umask用户，你至少可以知道文件将具有哪些权限论创作，但当然，没有什么可以阻止用户chmod事后运行。因此，我能想到两个（类似）选项，你可以使用以下方式“安排”权限更正incron


# apt-cache show incron
Package: incron
Version: 0.5.10-1
Installed-Size: 227
Maintainer: Emmanuel Bouthenot 
Architecture: amd64
Depends: libc6 (>= 2.8), libgcc1 (>= 1:4.1.1), libstdc++6 (>= 4.4.0), lsb-base (>= 3.2-14), adduser
Description-en: cron-like daemon which handles filesystem events
 incron is an "inotify cron" system. It works like the regular cron but is
 driven by filesystem events instead of time events. This package provides two
 programs, a daemon called "incrond" (analogous to crond) and a table
 manipulator "incrontab" (like "crontab").
 incron uses the Linux Kernel inotify syscalls.
 like cron, each user can edit its own incron tables.
 incron can be used to :
  - notifying programs (e.g. server daemons) about changes in configuration
  - guarding changes in critical files (with their eventual recovery)
  - file usage monitoring, statistics
  - automatic on-crash cleanup
  - automatic on-change backup or versioning
  - new mail notification (for maildir)
  - server upload notification
  - installation management (outside packaging systems)
  - ... and many others
Homepage: http://inotify.aiken.cz/

或者在后台运行自定义服务来“监听”inotify事件：


# apt-cache show inotify-tools
Package: inotify-tools
Version: 3.14-1
Installed-Size: 60
Maintainer: Ryan Niebur 
Architecture: amd64
Depends: libc6 (>= 2.8), libinotifytools0 (>= 3.11)
Description-en: command-line programs providing a simple interface to inotify
 inotify-tools is a set of command-line programs for Linux providing a
 simple interface to inotify. These programs can be used to monitor and
 act upon filesystem events. inotify-tools consists of two utilities:
 .
 inotifywait simply blocks for inotify events, making it appropriate
 for use in shell scripts.
 .
 inotifywatch collects filesystem usage statistics and outputs counts
 of each inotify event.
Homepage: https://github.com/rvoicilas/inotify-tools/wiki/

查看这里举个例子。

NFS 的“反向” fmask

答案1

相关内容