Linux ACL Lab

Суть лабораторной:

Материалы: http://help.ubuntu.ru/wiki/access_control_list

-- Import ova image with Debian9 without GUI.
-- in VirtualBox add new 3GB disk for Debian9
-- Start Debian9

-- Login as user "root" and install acl
root@d90:/~# apt-get install acl


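-- run program fdisk or cfdisk on the new, empty /dev/sdb disk (first confirm, e.g. with lsblk, that /dev/sdb really is the new 3GB disk: the following steps overwrite its partition table)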
Смотри точнее, vaata täpsemalt.
root@d90:/~# fdisk /dev/sdb
-- create new DOS partition table
type: o
-- create new partition
type: n
-- select primary partition
type: p
-- set partition number
type: 1
-- set beginning of partition
type: Enter
-- set end of partition
type: Enter
-- show partitions
type: p
-- check that the type of the created partition is Linux (83)

-- write data to partition table
type: w

-- Format partition
root@d90:/~# mkfs.ext4 /dev/sdb1

-- Create mount point
root@d90:/~# mkdir /mnt/acl

-- Mount partition with acl option
root@d90:/~# mount -o acl /dev/sdb1 /mnt/acl
-- or remount if needed
root@d90:/~# mount -o remount,acl /dev/sdb1

-- Check mounted device
root@d90:/~# df -h

-- To mount that partition automatically at boot, add this line to /etc/fstab (or change the existing line, if there is one)
/dev/sdb1 /mnt/acl ext4 acl,defaults,errors=remount-ro 0 1
root@d90:/~# cd /mnt/acl
-- Create folder for user "it" on /mnt/acl
root@d90:/mnt/acl# mkdir it

-- Change owner of the created folder
root@d90:/mnt/acl# chown it.it it

-- Login as user "it" and move to folder /mnt/acl/it
it@d90:/~# cd /mnt/acl/it
-- Create new folders and files as user "it" in folder /mnt/acl/it
it@d90:/mnt/acl/it# mkdir a b c
it@d90:/mnt/acl/it# touch q.txt w.php r.doc

-- Show the access rights of the files and folders
it@d90:/mnt/acl/it# getfacl *

-- Login as user "root"
-- Create users with home folders in /mnt/acl/
root@d90:/mnt/acl# useradd -m -b /mnt/acl/ -s /bin/bash papa
root@d90:/mnt/acl# useradd -m -b /mnt/acl/ -s /bin/bash mama

root@d90:/mnt/acl# ls -l
total 28
drwxr-xr-x 2 mama mama 4096 Feb 10 16:43 mama
drwxr-xr-x 2 papa papa 4096 Feb 10 16:43 papa


-- Add access rights for user "papa" to folder mama
root@d90:/mnt/acl# setfacl -m u:papa:rwx mama
-- Посмотрим расширенный листинг каталога
root@d90:/mnt/acl# ls -l
total 28
drwxrwxr-x+ 2 mama mama 4096 Feb 10 16:43 mama
drwxr-xr-x 2 papa papa 4096 Feb 10 16:43 papa

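-- The "+" symbol after the permission bits means that the file or folder has additional (ACL) access rights. Once an ACL is set, the group column of ls -l shows the ACL mask (rwx here), not the rights of the owning group; getfacl shows the real group entry.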

-- Check the access rights to folder mama
root@d90:/mnt/acl# getfacl mama
# file: mama
# owner: mama
# group: mama
user::rwx
user:papa:rwx
-- access rights for user "papa" to folder mama
group::r-x
mask::rwx
other::r-x


-- Add access rights for user "mama" and "it" to folder papa
root@d90:/mnt/acl# setfacl -m u:mama:rwx,u:it:rx papa

-- Check the resulting rights for folder papa
root@d90:/mnt/acl# getfacl papa
# file: papa
# owner: papa
# group: papa
user::rwx
user:it:r-x
-- access rights for user "it" to folder papa
user:mama:rwx
-- access rights for user "mama" to folder papa
group::r-x
mask::rwx
other::r-x


-- Check which access rights users "papa" and "it" have in folder mama