我正在尝试在特定目录集上强制执行 777 的文件权限。我使用了“setfacl -md:o::rwx”,获得了看似正确的权限
$ getfacl .
# file: .
# owner: blah
# group: blah
# flags: -s-
user::rwx
group::rwx
other::rwx
default:user::rwx
default:group::rwx
default:other::rwx
当我运行 mkdir 时,我得到了一个具有正确权限的目录。
$ mkdir test
$ ll -d test
drwxrwsrwx+ 2 blah blah 4096 Oct 28 10:26 test
当我运行“mkdir -p”时,我获得与 umask 匹配的权限,而不是 acl。
$ mkdir -p test1
$ ll -d test1
drwxrwsr-x+ 2 blah blah 4096 Oct 28 10:27 test1
我是否遗漏了什么?
答案1
我相信这是正确的行为。查看 info mkdir:
`-p'
`--parents'
Make any missing parent directories for each argument, setting
their file permission bits to the umask modified by `u+wx'. Ignore
existing parent directories, and do not change their file
permission bits.
To set the file permission bits of any newly-created parent
directories to a value that includes `u+wx', you can set the umask
before invoking `mkdir'. For example, if the shell command
`(umask u=rwx,go=rx; mkdir -p P/Q)' creates the parent `P' it sets
the parent's permission bits to `u=rwx,go=rx'. To set a parent's
special mode bits as well, you can invoke `chmod' after `mkdir'.
*Note Directory Setuid and Setgid::, for how the set-user-ID and
set-group-ID bits of newly-created parent directories are
inherited.
因此 mkdir -p 将采用 umask 值(经修改u+rw)来创建树中不存在的任何目录,如果您考虑如何解决已存在的父目录的权限问题,这是否有意义?
正如摘录所述,您可以在运行命令之前更改 umask,尽管在创建所有内容之后在父目录上运行递归 chmod 可能会容易得多。