Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: setfacl on a directory
Operating Systems Solaris setfacl on a directory Post 302453224 by kuljitcingh on Tuesday 14th of September 2010 12:09:27 PM
Old 09-14-2010
setfacl question
I have a scenario where my ACLs are as follows :
$ getfacl SCD
# file: SCD
# owner: jscdetst
# group: sad
user::rwx
user:saddev:rwx
group::rwx
mask::rwx
other::r-x
default:user::rw-
default:group::r--
default:mask::rw-
defaultSmiliether::---


Now when i go inside SCD directory and create a sample file f it shows me owning groups having rw- permissions..where as in the above ACL I had defined default group acl to be just r--.


$ cd SCD
$ touch f
$ ls -lrt f
-rw-rw----+ 1 jscdetst sad 0 Sep 14 11:52 f


More strangely, when I do getfacl f; it shows me the picture i want..but this seems to be not in consistency with what ls -lrt is showing me above :


$ getfacl f
# file: f
# owner: jscdetst
# group: sad
user::rw-
group::r--
mask::rw-
other::---

Why is owning group permissions different in ls -lrt and getfacl.
And if so, what are the real permissions?
 

7 More Discussions You Might Find Interesting

1. Cybersecurity

Usage of setfacl

Hi, I have a directory with 700 permissions. I intend to give rwx privileges to a user which does not belong to the group. I am using the following command setfacl -m u:prod:rwx test when I checked the privileges using getfacl -a test the output was as follows: # file: test #... (1 Reply)
Discussion started by: chakri400
1 Replies

2. UNIX for Advanced & Expert Users

setfacl

I use: setfacl -m user:bbb:rwx folder1 to give user bbb the permission to go into my folder folder1, and cd folder1 setfacl -m user:bbb:rwx * to give bbb the permission under this folder. however, bbb can not cd to folder1, and got "permission denied" messages. the umask is... (3 Replies)
Discussion started by: fredao
3 Replies

3. Solaris

How to use setfacl

Hi all, If, for e.g. I have folder with permissions like this: drwxr-xr-x 2 fuad_ftp nms 96 Jan 8 13:55 test I want to give for user user123 acces rwx using setfacl: setfacl -m user:user123:rwx test But effective rights still is r-x because of mask... ... (1 Reply)
Discussion started by: nypreH
1 Replies

4. Solaris

Issue with setfacl

Hi Experts, I have set access control to a directory which is under / as /proj1 and set the access to user1 as below Once I logging as user1 I am able to create and modify the file which is created by user1 however I am unable to edit / modify the file which is own by root.... (14 Replies)
Discussion started by: kumarmani
14 Replies

5. UNIX for Advanced & Expert Users

setfacl directory limit

hello, I am using XFS filesystem & ACL (setfacl/getfacl). I can set ACL entries only for 21 users per one directory. For the 22nd user it shows invalid argument. Has somebody the same problem? I need to override this limit. thnks in advance david (3 Replies)
Discussion started by: sigd
3 Replies

6. UNIX for Dummies Questions & Answers

help needed with setfacl

Hi, On the setfacl, I am trying to make one user with no rwx privilleges. After reading the man page I still can't get it. Please let me know the correct command. set user - SAM to have NO rwx privilleges on NEW objects setfacl -dm user:sam:--- /opt set user - SAM to have NO... (2 Replies)
Discussion started by: samnyc
2 Replies

7. UNIX for Advanced & Expert Users

Setfacl and granting permissions to a group and its members on a directory

Hi! I created a group HACKERS and made the user "demo" its member. $ id demo uid=500(demo) gid=500(demo) groups=500(demo),502(HACKERS) $ Next, I granted read and execute permissions to the group "HACKERS" on /var/log/httpd as shown below: setfacl -m "g:HACKERS:r-x"... (2 Replies)
Discussion started by: indiansoil
2 Replies

LEARN ABOUT MOJAVE

chroot

CHROOT(2)						      BSD System Calls Manual							 CHROOT(2)

NAME

     chroot -- change root directory

SYNOPSIS

     #include <unistd.h>

     int
     chroot(const char *dirname);

DESCRIPTION

     Dirname is the address of the pathname of a directory, terminated by an ASCII NUL.  chroot() causes dirname to become the root directory,
     that is, the starting point for path searches of pathnames beginning with '/'.

     In order for a directory to become the root directory a process must have execute (search) access for that directory.

     If the program is not currently running with an altered root directory, it should be noted that chroot() has no effect on the process's cur-
     rent directory.

     If the program is already running with an altered root directory, the process's current directory is changed to the same new root directory.
     This prevents the current directory from being further up the directory tree than the altered root directory.

     This call is restricted to the super-user.

RETURN VALUES

     Upon successful completion, a value of 0 is returned.  Otherwise, a value of -1 is returned and errno is set to indicate an error.

ERRORS

     chroot() will fail and the root directory will be unchanged if:

     [ENOTDIR]		A component of the path name is not a directory.

     [ENAMETOOLONG]	A component of a pathname exceeded {NAME_MAX} characters, or an entire path name exceeded {PATH_MAX} characters.

     [ENOENT]		The named directory does not exist.

     [EACCES]		Search permission is denied for any component of the path name.

     [ELOOP]		Too many symbolic links were encountered in translating the pathname.

     [EFAULT]		Path points outside the process's allocated address space.

     [EIO]		An I/O error occurred while reading from or writing to the file system.

SEE ALSO

     chdir(2)

WARNINGS

     There are ways for a root process to escape from the chroot jail.

HISTORY

     The chroot() function call appeared in 4.2BSD.

4.2 Berkeley Distribution					   June 4, 1993 					 4.2 Berkeley Distribution
All times are GMT -4. The time now is 09:10 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy