We are setting up a Linux machine (CentOS 7 to be exact) to share files within a team. One particular regular user (the boss) will need to be able to read / write / modify / delete all files and directories in the file system or directory where we share files. I just wonder if it is possible to set an SELinux policy to enforce his privilege. In the past we ran a cron job to enforce permissions on all files and directories every ten minutes. I just thought SELinux will be the better way to go if it is possible.
I am also open to any other suggestions. Thanks a lot!
Selinux provides a mechanism for supporting access control security policies. If you need to give access to other users , you can use ACLs or file permissions.
setfacl -Rdm u:boss:rwx /shared_dir
setfacl -Rm u:boss:rwx /shared_dir
to view ACLs :- getfacl filename
u:- user
g:- group
d:- default
o:- other
see the man pages for more infor:- man acl
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.