Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.
|
Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.
|
|
google unix.com
|
|||||||
| Forums | Register | Forum Rules | Links | Albums | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
 |
| SUN Solaris The Solaris Operating System, usually known simply as Solaris, is a free Unix-based operating system introduced by Sun Microsystems . |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| How to use setfacl | nypreH | SUN Solaris | 1 | 01-08-2009 09:14 AM |
| Setfacl permission issue | MeganP | Shell Programming and Scripting | 0 | 08-01-2007 05:15 PM |
| setfacl | fredao | UNIX for Advanced & Expert Users | 3 | 03-21-2007 11:45 PM |
| Usage of setfacl | chakri400 | Security | 1 | 10-31-2003 11:04 AM |
 |
Powered by 
|
|
|
LinkBack | Thread Tools | Search this Thread | Rate Thread | Display Modes |
07-03-2009
|
|||||
|
|||||
|
Your original request:
Quote:
Quote:
|
|
07-03-2009
|
||||
|
||||
|
I don't think the umask should help.
User1 is granted read and write access only for the directory itself which means he can create, rename and delete files there, even those that do not belong to him. Files in that directory keep their permissions so it is expected for user1 not to be able to directly modify root owned files content. |
|
07-03-2009
|
||||
|
||||
|
I don't understand it that way.
The ACL mask parameter when set to a directory apply to permissions set to that directory, not to existing or new files inside it. Last edited by jlliagre; 07-04-2009 at 05:15 AM.. Reason: missing "to" |
|
07-03-2009
|
|||||
|
|||||
|
There are two differing acl schemes floating around. We are discussing the older scheme that is in use on Solaris ufs file systems. Setting an acl on a directory does not propagate to any pre-existing files under that directory. If a file is created in a directory with an acl set, that acl is not automatically applied to the file. You can't set a file's umask with a setfacl or by any other technique. Files do not have umasks, processes have umasks.
This form of acl does have a "mask" concept. It is intended to enable a non-acl aware program to be able to interact with a file that has acls. The file owner is immune from the mask and so is the "world" (or "other"). These two classes of users are clearly defined in an identical fashion whether or not you use acls. But an acl can specify various other groups and users and these folks don't make sense to a non-acl aware program. So the idea is to use this "mask" concept. For example, if a program uses the chmod() system call to remove group execute permission, execute permission is removed from the mask. This is a controversial idea, but it does make some sense... older programs can continue to run. If you still don't understand the mask concept, just do this: Whenever you change the permission on a non-owner user or a group with a setfacl command, specify the -r option to recompute the mask and other than that leave the mask alone. |
| Sponsored Links | ||
|
|
| Bits Awarded / Charged to Perderabo for this Post | |||
| Date | User | Comment | Amount |
| 07-04-2009 | Neo | Thanks! | 100,000 |
|
| Bookmarks |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Linear Mode
