When I add a new directory to a path, I only get the "group@" line in the ACL
The parent directory ACL is
I want to make sure that those in subsequent sub directories can have the same premsissions, i.e., under the parent, they will all have the same group line as above.
But on doing "mkdir newdir", I'm getting -
No "user" row or "everyone" row.
Edit -
I should have added that if I don't have the 'fd' in, the directory created includes "user" and "everyone" rows in the acl.
root@server > ls -dV newdir1
Moderator's Comments:
Please use code tags as required by forum rules!
Last edited by RudiC; 07-18-2016 at 07:34 AM..
Reason: Added code tags.
Hi all,
I've just been handled the responsibility for a FTP-site. Having no experiens of UNIX at all. And now one of my users needs to have full access to the usr directory and all it's subdirectories, don't know why just trying to do what the boss tells me. The type of UNIX is FreeBSD and the... (4 Replies)
Hi all,
How can I set default owning user and default owning group with setfacl on Solaris 2.6 and up ?
My idea is, that when a file is created by user x, and the default owning user is y, the ownership is set to y.
This option is visible in the filemanager, though not editable. I can't find... (5 Replies)
Hi,
while setting access control list I am getting error "Operation NOt Supported"
Example :user A wants full access on test directory /home/user B/test, I dont want to add in secondary group bcz group has read permission, (1 Reply)
Folks;
How can i setup ACL in Apache so i can give a group of users (defined by their emails (all users under *@red.com) access to a web page? (10 Replies)
Hi, I want to know what does the "effective" comment means in the output of the getfacl and whether it has to do with the acl mask...
thanks (0 Replies)
Trying to figure out the best method of security for oracle user accounts. In Solaris 10 they are set as regular users but have nologin set forcing the dev's to login as themselves and then su to the oracle users.
In Solaris11 we have the option of making it a role because RBAC is enabled but... (1 Reply)
we have two Solaris 10 servers with same configuration and settings. We have hard mounted the NFS with the version 4.
In one of the server the newer ACL commands are working fine (chmod and ls -v) whereas in another only posix (getfacl and setfacl alone is working) when we try ls -V in in that... (13 Replies)
Discussion started by: sathishbabu89
13 Replies
LEARN ABOUT SUSE
chacl
CHACL(1) Access Control Lists CHACL(1)NAME
chacl - change the access control list of a file or directory
SYNOPSIS
chacl acl pathname...
chacl -b acl dacl pathname...
chacl -d dacl pathname...
chacl -R pathname...
chacl -D pathname...
chacl -B pathname...
chacl -l pathname...
chacl -r pathname...
DESCRIPTION
chacl is an IRIX-compatibility command, and is maintained for those users who are familiar with its use from either XFS or IRIX. Refer to
the SEE ALSO section below for a description of tools which conform more closely to the (withdrawn draft) POSIX 1003.1e standard which
describes Access Control Lists (ACLs).
chacl changes the ACL(s) for a file or directory. The ACL(s) specified are applied to each file in the pathname arguments.
Each ACL is a string which is interpreted using the acl_from_text(3) routine. These strings are made up of comma separated clauses each of
which is of the form, tag:name:perm. Where tag can be:
"user" (or "u")
indicating that the entry is a user ACL entry.
"group" (or "g")
indicating that the entry is a group ACL entry.
"other" (or "o")
indicating that the entry is an other ACL entry.
"mask" (or "m")
indicating that the entry is a mask ACL entry.
name is a string which is the user or group name for the ACL entry. A null name in a user or group ACL entry indicates the file's owner or
file's group. perm is the string "rwx" where each of the entries may be replaced by a "-" indicating no access of that type, e.g. "r-x",
"--x", "---".
OPTIONS -b Indicates that there are two ACLs to change, the first is the file access ACL and the second the directory default ACL.
-d Used to set only the default ACL of a directory.
-R Removes the file access ACL only.
-D Removes directory default ACL only.
-B Remove all ACLs.
-l Lists the access ACL and possibly the default ACL associated with the specified files or directories. This option was added during
the Linux port of XFS, and is not IRIX compatible.
-r Set the access ACL recursively for each subtree rooted at pathname(s). This option was also added during the Linux port of XFS, and
is not compatible with IRIX.
EXAMPLES
A minimum ACL:
chacl u::rwx,g::r-x,o::r-- file
The file ACL is set so that the file's owner has "rwx", the file's group has read and execute, and others have read only access to the
file.
An ACL that is not a minimum ACL, that is, one that specifies a user or group other than the file's owner or owner's group, must contain a
mask entry:
chacl u::rwx,g::r-x,o::r--,u:bob:r--,m::r-x file1 file2
To set the default and access ACLs on newdir to be the same as on olddir, you could type:
chacl -b `chacl -l olddir |
sed -e 's/.*[//' -e 's#/# #' -e 's/]$//'` newdir
CAUTIONS
chacl can replace the existing ACL. To add or delete entries, you must first do chacl -l to get the existing ACL, and use the output to
form the arguments to chacl.
Changing the permission bits of a file will change the file access ACL settings (see chmod(1)). However, file creation mode masks (see
umask(1)) will not affect the access ACL settings of files created using directory default ACLs.
ACLs are filesystem extended attributes and hence are not typically archived or restored using the conventional archiving utilities. See
attr(5) for more information about extended attributes and see xfsdump(8) for a method of backing them up under XFS.
SEE ALSO getfacl(1), setfacl(1), chmod(1), umask(1), acl_from_text(3), acl(5), xfsdump(8)September 2001 ACL File Utilities CHACL(1)