Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: ACL confusion
Top Forums UNIX for Advanced & Expert Users ACL confusion Post 303005222 by hburnswell on Sunday 15th of October 2017 11:39:04 PM
Old 10-16-2017
@Peasant, thank you for the response.

Unfortunately using the '-b' flag does nothing at all. I would expect to be able to do:

Code:
# setfacl -b <dir>
# setfacl -k <dir>

And all ACL's would be removed back to regular permissions, but this isn't the case. Neither command removes ACL's. As I mentioned, I thought it might be that they were just getting inherited from up the directory tree but there are no ACL's up the tree.

Any thoughts on what might be causing the '-b' and '-k' to do nothing to the ACL's? Possibly an issue with a mask?

Thanks,

HB
 

8 More Discussions You Might Find Interesting

1. Cybersecurity

ACL

Hi all, I've just been handled the responsibility for a FTP-site. Having no experiens of UNIX at all. And now one of my users needs to have full access to the usr directory and all it's subdirectories, don't know why just trying to do what the boss tells me. The type of UNIX is FreeBSD and the... (4 Replies)
Discussion started by: -tri-
4 Replies

2. UNIX for Dummies Questions & Answers

ACL vs privileges

Hello genius..! what do y'all think of these questions...? help appreciated...! Access Control Lists and privileges.... # Why both file ACLs and user permissions/privileges (not to be confused with rights in ACLs) are used in Windows access control (why not just use one of these)? # In... (1 Reply)
Discussion started by: heroine
1 Replies

3. AIX

setting acl

Hi, I want to know how to set acl in aix via smitty and shell prompt, wheather we needs to install additional packages. (0 Replies)
Discussion started by: manoj.solaris
0 Replies

4. Shell Programming and Scripting

Need help to create ACL

Hi, I generated a script that will create the list of dir/sub-dir and will allow to create the same on diff server. this is what i have done : #!/bin/ksh # Script to migrate the directory between the two servers. # Ver 0.1 # Author Krishna. D # c - create and e - extract directory if ;... (1 Reply)
Discussion started by: krishnadvn
1 Replies

5. Linux

ACL

Hi, I want to know what does the "effective" comment means in the output of the getfacl and whether it has to do with the acl mask... thanks (0 Replies)
Discussion started by: Gartlar
0 Replies

6. Solaris

ACL

Can i get the synopsis for add multiple users in single command for ACL access for a directory or a file thanks in advance dinu (3 Replies)
Discussion started by: dinu
3 Replies

7. HP-UX

When did HP-UX have support for ACL?

Hello, I try to find what year HP-UX got support for ACL (Access Control List)? I know that HP-UX was the first Unix with ACL support, but it is very hard to find the information on when that occured. So anyone here know when that did happen? Any answers are appreciated, /eXpander (1 Reply)
Discussion started by: eXpander
1 Replies

8. UNIX for Advanced & Expert Users

Need assistance on ACL

Hi Friends, I went through the ACL threads that were posted in the past but none were matching to my requirement . Hence starting a new thread . Challenge : user : a group : Test1 user: b group: Test2 Say under user a i create dir /tmp/debug with the privilege of 755 and also... (3 Replies)
Discussion started by: leobreaker
3 Replies

LEARN ABOUT OPENDARWIN

fs_copyacl

FS_COPYACL(1)						       AFS Command Reference						     FS_COPYACL(1)

NAME

       fs_copyacl - Copies an ACL from a directory to one or more other directories

SYNOPSIS

       fs copyacl -fromdir <source directory (or DFS file)>
	   -todir <destination directory (or DFS file)>+
	   [-clear] [-id] [-if] [-help]

       fs co -f <source directory (or DFS file)>
	   -t <destination directory (or DFS file)>+
	   [-c] [-id] [-if] [-h]

DESCRIPTION

       The fs copyacl command copies the access control list (ACL) from a source directory to each specified destination directory. The source
       directory's ACL is unchanged, and changes to the destination directory's ACL obey the following rules:

       o   If an entry on the source ACL does not already exist on the destination ACL, it is added.

       o   If an entry exists on both the source and destination ACLs, the permissions from the source ACL entry replace the current permissions
	   on the destination ACL entry.

       o   If an entry on the destination ACL has no corresponding entry on the source ACL, it is removed if the -clear flag is included and is
	   unchanged otherwise. In other words, if the -clear flag is provided, the source ACL completely replaces the destination ACL.

       When using this command to copy ACLs between objects in DFS filespace accessed via the AFS/DFS Migration Toolkit Protocol Translator, it is
       possible to specify files, as well as directories, with the -fromdir and -todir arguments.

CAUTIONS

       Do not copy ACLs between AFS and DFS files or directories. The ACL formats are incompatible.

OPTIONS

       -fromdir <source directory>
	   Specifies the source directory from which to copy the ACL.  (Specifying an AFS file copies its directory's ACL, but specifying a DFS
	   file copies its own ACL.) A partial pathname is interpreted relative to the current working directory.

       -todir <destination directory>
	   Specifies each directory for which to alter the ACL to match the source ACL. (Specifying an AFS file halts the command with an error,
	   but specifying a DFS file alters the file's ACL). A partial pathname is interpreted relative to the current working directory.

	   Specify the read/write path to each directory (or DFS file), to avoid the failure that results from attempting to change a read-only
	   volume. By convention, the read/write path is indicated by placing a period before the cell name at the pathname's second level (for
	   example, "/afs/.abc.com"). For further discussion of the concept of read/write and read-only paths through the filespace, see the fs
	   mkmount reference page.

       -clear
	   Replaces the ACL of each destination directory with the source ACL.

       -id Modifies the Initial Container ACL of each DFS directory named by the -todir argument, rather than the regular Object ACL. This
	   argument is supported only when both the source and each destination directory reside in DFS and are accessed via the AFS/DFS Migration
	   Toolkit Protocol Translator.

       -if Modifies the Initial Object ACL of each DFS directory named by the -todir argument, rather than the regular Object ACL. This argument
	   is supported only when both the source and each destination directory reside in DFS and are accessed via the AFS/DFS Migration Toolkit
	   Protocol Translator.

       -help
	   Prints the online help for this command. All other valid options are ignored.

EXAMPLES

       The following example command copies the current working directory's ACL to its subdirectory called reports. Note that the source
       directory's ACL is unaffected. Entries on the reports directory's that are not on the source ACL of the current directory remain unaffected
       as well, because the -clear flag is not used.

	  % fs listacl . reports
	  Access list for . is
	  Normal rights:
	     pat rlidwka
	     smith rlidwk
	  Access list for reports is
	  Normal rights:
	     pat rl
	     pat:friends rl
	  Negative rights
	     jones rlidwka

	  % fs copyacl -fromdir . -todir reports

	  % fs listacl . reports
	  Access list for . is
	  Normal rights:
	     pat rlidwka
	     smith rlidwk
	  Access list for reports is
	  Normal rights:
	     pat rlidwka
	     pat:friends rl
	     smith rlidwk
	  Negative rights
	     jones rlidwka

PRIVILEGE REQUIRED

       To copy an ACL between AFS objects, the issuer must have the "l" (lookup) permission on the source directory's ACL and the "a" (administer)
       permission on each destination directory's ACL. If the -fromdir argument names a file rather than a directory, the issuer must have both
       the "l" and "r" (read) permissions on the ACL of the file's directory.

       To copy an ACL between DFS objects, the issuer must have the r permission on the source directory or file's ACL and the "c" (control)
       permission on each destination directory or file's ACL.

SEE ALSO

       fs_listacl(1), fs_mkmount(1), fs_setacl(1)

COPYRIGHT

       IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

       This documentation is covered by the IBM Public License Version 1.0.  It was converted from HTML to POD by software written by Chas
       Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.

OpenAFS 							    2012-03-26							     FS_COPYACL(1)
All times are GMT -4. The time now is 06:43 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy