Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: ACL on the Solaris
Operating Systems Solaris ACL on the Solaris Post 302962194 by sathishbabu89 on Wednesday 9th of December 2015 02:13:08 PM
Old 12-09-2015
Tools ACL on the Solaris
we have two Solaris 10 servers with same configuration and settings. We have hard mounted the NFS with the version 4.
In one of the server the newer ACL commands are working fine (chmod and ls -v) whereas in another only posix (getfacl and setfacl alone is working) when we try ls -V in in that server. the error displays as invalid option. Please advise on how to enable to newer ACL format in that server
Last edited by Don Cragun; 12-09-2015 at 06:19 PM.. Reason: Add ICODE tags.
 

9 More Discussions You Might Find Interesting

1. Cybersecurity

ACL

Hi all, I've just been handled the responsibility for a FTP-site. Having no experiens of UNIX at all. And now one of my users needs to have full access to the usr directory and all it's subdirectories, don't know why just trying to do what the boss tells me. The type of UNIX is FreeBSD and the... (4 Replies)
Discussion started by: -tri-
4 Replies

2. UNIX for Dummies Questions & Answers

ACL vs privileges

Hello genius..! what do y'all think of these questions...? help appreciated...! Access Control Lists and privileges.... # Why both file ACLs and user permissions/privileges (not to be confused with rights in ACLs) are used in Windows access control (why not just use one of these)? # In... (1 Reply)
Discussion started by: heroine
1 Replies

3. Filesystems, Disks and Memory

ACL problem due to mv command used in solaris

Hi All, Is there any way to use mv command and that should apply ACL on the moved files that is already set in distination location This mv command is running in a solaris system. File system is NFS. Problem I am facing : Currently mv command removes ACL from moved files and also it... (0 Replies)
Discussion started by: Tlogine
0 Replies

4. Solaris

Solaris 10 ZFS ACL help

All, Does anyone know of a simple way to traverse a file system and collect all ACL's (or ACE's as they are called now)? We use to be able to use getfacl fairly easily for this task but now we are forced to use -v or -V with the 'ls' command to get the extended permissions for a... (1 Reply)
Discussion started by: Shoeless_Mike
1 Replies

5. Shell Programming and Scripting

Script to find/apply Solaris 10 ACL's

This may be a question for a different forum, but as I will need a script I thought I would start here. We recently migrated from Solaris 8 to Solaris 10. The file system in question here is ZFS, meaning the method for listing and applying ACL's has changed dramatically. To make a long story... (3 Replies)
Discussion started by: Shoeless_Mike
3 Replies

6. Linux

ACL

Hi, I want to know what does the "effective" comment means in the output of the getfacl and whether it has to do with the acl mask... thanks (0 Replies)
Discussion started by: Gartlar
0 Replies

7. Solaris

ACL

Can i get the synopsis for add multiple users in single command for ACL access for a directory or a file thanks in advance dinu (3 Replies)
Discussion started by: dinu
3 Replies

8. UNIX for Advanced & Expert Users

Need assistance on ACL

Hi Friends, I went through the ACL threads that were posted in the past but none were matching to my requirement . Hence starting a new thread . Challenge : user : a group : Test1 user: b group: Test2 Say under user a i create dir /tmp/debug with the privilege of 755 and also... (3 Replies)
Discussion started by: leobreaker
3 Replies

9. Solaris

Set ACL permissions Solaris

I want to set ACL permissions using this command in solaris 10 , but I get an error message. server# mkdir dir1 server# setfacl -m user:allan:rwx dir1 setacl error: Operation not applicable Any one can help in this matter. Please use CODE tags as required by forum rules! (2 Replies)
Discussion started by: AbuAliiiiiiiiii
2 Replies

LEARN ABOUT OPENSOLARIS

getfacl

getfacl(1)							   User Commands							getfacl(1)

NAME

       getfacl - display discretionary file information

SYNOPSIS

       getfacl [-ad] file...

DESCRIPTION

       For  each  argument  that is a regular file, special file, or named pipe, the getfacl utility displays the owner, the group, and the Access
       Control List (ACL). For each directory argument, getfacl displays the owner, the group, and the ACL and/or the default ACL.  Only  directo-
       ries contain default ACLs.

       The getfacl utility may be executed on a file system that does not support ACLs. It reports the ACL based on the base permission bits.

       With no options specified, getfacl displays the filename, the file owner, the file group owner, and both the ACL and the default ACL, if it
       exists.

OPTIONS

       The following options are supported:

       -a    Displays the filename, the file owner, the file group owner, and the ACL of the file.

       -d    Displays the filename, the file owner, the file group owner, and the default ACL of the file, if it exists.

OPERANDS

       The following operands are supported:

       file    The path name of a regular file, special file, or named pipe.

OUTPUT

       The format for ACL output is as follows:

	 # file: filename
	 # owner: uid
	 # group: gid
	 user::perm
	 user:uid:perm
	 group::perm
	 group:gid:perm
	 mask:perm
	 other:perm
	 default:user::perm
	 default:user:uid:perm
	 default:group::perm
	 default:group:gid:perm
	 default:mask:perm
	 default:other:perm

       When multiple files are specified on the command line, a blank line separates the ACLs for each file.

       The ACL entries are displayed in the order in which they are evaluated when an access check is performed. The default ACL entries that  may
       exist on a directory have no effect on access checks.

       The  first three lines display the filename, the file owner, and the file group owner. Notice that when only the -d option is specified and
       the file has no default ACL, only these three lines are displayed.

       The user entry without a user ID indicates the permissions that	are granted to the file owner. One or more additional user  entries  indi-
       cate the permissions that are granted to the specified users.

       The  group  entry  without  a  group  ID  indicates the permissions that  are granted to the file group owner. One or more additional group
       entries indicate the permissions that  are granted to the specified groups.

       The mask entry indicates the ACL mask permissions. These are the maximum permissions allowed to any user entries except the file owner, and
       to any group entries, including the file group owner. These permissions restrict the permissions specified in other entries.

       The other entry indicates the permissions that are granted to others.

       The  default entries may exist only for directories. These entries indicate the default entries that are added to a file created within the
       directory.

       The uid is a login name or a user ID if there is no entry for the uid in the system password file, /etc/passwd. The gid is a group name	or
       a group ID if there is no entry for the gid in the system group file, /etc/group. The perm is a three character string composed of the let-
       ters representing the separate discretionary access rights: r (read), w (write), x (execute/search), or the place holder character  -.  The
       perm is displayed in the following order: rwx. If a permission is not granted by an ACL entry, the place holder character appears.

       If   you  use the chmod(1) command to change the file group owner permissions on a file with ACL entries, both the file group owner permis-
       sions and the ACL mask are changed to the new permissions. Be aware that the new ACL mask permissions may change the effective  permissions
       for additional users and groups who have ACL entries on the file.

       In  order  to  indicate	that  the  ACL mask  restricts an ACL entry, getfacl displays an additional tab character, pound sign (#), and the
       actual permissions granted, following the entry.

EXAMPLES

       Example 1 Displaying file information

       Given file foo, with an ACL six entries long, the command

	 host% getfacl foo

       would print:

	 # file: foo
	 # owner: shea
	 # group: staff
	 user::rwx
	 user:spy:---
	 user:mookie:r--
	 group::r--
	 mask::rw-
	 other::---

       Example 2 Displaying information after chmod command

       Continue with the above example, after chmod 700 foo was issued:

	 host% getfacl foo

       would print:

	 # file: foo
	 # owner: shea
	 # group: staff
	 user::rwx
	 user:spy:---
	 user:mookie:r--     #effective:---
	 group::---
	 mask::---
	 other::---

       Example 3 Displaying information when ACL contains default entries

       Given directory doo, with an ACL containing default entries, the command

	 host% getfacl -d doo

       would print:

	 # file: doo
	 # owner: shea
	 # group: staff
	 default:user::rwx
	 default:user:spy:---
	 default:user:mookie:r--
	 default:group::r--
	 default:mask::---
	 default:other::---

FILES

       /etc/passwd    system password file

       /etc/group     group file

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       chmod(1), ls(1), setfacl(1), acl(2), aclsort(3SEC), group(4), passwd(4), attributes(5)

NOTES

       The output from getfacl is in the correct format for input to the setfacl -f command. If the output from getfacl is redirected to  a  file,
       the file may be used as input to setfacl. In this way, a user may easily assign one file's ACL to another file.

SunOS 5.11							    5 Nov 1994								getfacl(1)
All times are GMT -4. The time now is 04:26 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy