递归地为文件和文件夹设置 ACL,使用易于阅读的配置文件(仅限 macOS)。
首先,您需要创建一个配置文件,该文件将描述要应用于哪些文件夹和文件的不同 ACL。
然后,只需运行 chacl --admin-username admin /path/to/config/file。 需要管理员用户名,因为添加 ACL 是为了让管理员能够访问所有内容,无论配置文件如何设置。
这是一个配置文件示例
###################################################################
# File format is as follow: #
# ([u|g]: user-or-group-name: [r|rw]:)* :/path/to/file-or-folder #
# #
# Note: File and folders in this file should have #
# permission 0000 and be owned by the admin user. #
###################################################################
# This gives the user bob.kelso the permission to read and write in his folder.
u: bob.kelso: rw: :/Volumes/TheBigRAID/File Sharing/Users/bob.kelso
# Nobody can either read or write in this folder.
:/Volumes/TheBigRAID/File Sharing/Users/fired.guy
# Public groups. Everybody can read, only the people in the group can write.
g: staff-all: r: g: staff-tech: rw: :/Volumes/TheBigRAID/File Sharing/Teams/staff-tech
g: staff-all: r: g: staff-finance: rw: :/Volumes/TheBigRAID/File Sharing/Teams/staff-finance
g: staff-all: rw: :/Volumes/TheBigRAID/File Sharing/Teams/staff-all
# Private group. Only the people in the group can read (and write).
g: staff-finance: rw: :/Volumes/TheBigRAID/File Sharing/Teams/staff-finance-private