"ls -lah" 输出中权限末尾的点是什么意思?
What does the dot at the end of the permissions in the output of "ls -lah" mean?
我找到了一些 Linux 文件,当我输入 ls -lah 时,它会输出以下权限格式:
...
drwxr-xr-x. 2 root root
...
-rw-rw-r--. 1 root root
...
我想知道,权限格式末尾的点(-rw-rw-r--.)是什么意思?
来自 GNU.org 在 what information is listed 下:
GNU ls uses a ‘.’ character to indicate a file with a SELinux security context, but no other alternate access method.
这基本上意味着该文件有一个 Access Control List (ACL) with SELinux. You can set or delete ACL association for a file by using the setfacl 命令
根据 Filesystem permissions wiki page,点表示存在 SELinux 上下文。
来自 info coreutils 'ls invocation' Linux
GNU `ls' uses a `.' character to indicate a file with an SELinux
security context, but no other alternate access method.
A file with any other combination of alternate access methods is
marked with a `+' character.
所以不是 ACL,来自@Tom van der Lee 参考资料
+ (plus) suffix indicates an access control list that can control additional permissions.
. (dot) suffix indicates an SELinux context is present. Details may be listed with the command ls -Z.
@ suffix indicates extended file attributes are present.
我机器上的一个例子:
$ ls -l 35mm DNS-cache
-rw-r--r--. 1 graeme graeme 60 Feb 27 2010 35mm
-rw-r--r-- 1 graeme everyone 5193 Jun 1 14:45 DNS-cache
$
$ getfacl -s 35mm DNS-cache
$ ls -Z 35mm DNS-cache
unconfined_u:object_r:user_home_t:s0 35mm
? DNS-cache
所以 getfacl -s 没有产生任何输出,因为没有 ACL。但是有一个安全上下文(见 ls -Z)
我找到了一些 Linux 文件,当我输入 ls -lah 时,它会输出以下权限格式:
...
drwxr-xr-x. 2 root root
...
-rw-rw-r--. 1 root root
...
我想知道,权限格式末尾的点(-rw-rw-r--.)是什么意思?
来自 GNU.org 在 what information is listed 下:
GNU ls uses a ‘.’ character to indicate a file with a SELinux security context, but no other alternate access method.
这基本上意味着该文件有一个 Access Control List (ACL) with SELinux. You can set or delete ACL association for a file by using the setfacl 命令
根据 Filesystem permissions wiki page,点表示存在 SELinux 上下文。
来自 info coreutils 'ls invocation' Linux
GNU `ls' uses a `.' character to indicate a file with an SELinux
security context, but no other alternate access method.
A file with any other combination of alternate access methods is
marked with a `+' character.
所以不是 ACL,来自@Tom van der Lee 参考资料
+ (plus) suffix indicates an access control list that can control additional permissions. . (dot) suffix indicates an SELinux context is present. Details may be listed with the command ls -Z. @ suffix indicates extended file attributes are present.
我机器上的一个例子:
$ ls -l 35mm DNS-cache
-rw-r--r--. 1 graeme graeme 60 Feb 27 2010 35mm
-rw-r--r-- 1 graeme everyone 5193 Jun 1 14:45 DNS-cache
$
$ getfacl -s 35mm DNS-cache
$ ls -Z 35mm DNS-cache
unconfined_u:object_r:user_home_t:s0 35mm
? DNS-cache
所以 getfacl -s 没有产生任何输出,因为没有 ACL。但是有一个安全上下文(见 ls -Z)