Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Usage of setfacl
Special Forums Cybersecurity Usage of setfacl Post 42579 by chakri400 on Friday 31st of October 2003 02:30:22 AM
Old 10-31-2003
Usage of setfacl
Hi,

I have a directory with 700 permissions. I intend to give rwx privileges to a user which does not belong to the group.
I am using the following command

setfacl -m u:prod:rwx test

when I checked the privileges using

getfacl -a test

the output was as follows:

# file: test
# owner: prod
# group: admin
user::rwx
user:app01prod:rwx #effective:---
group::--- #effective:---
mask:---
other:---

and am not able to access this directory using prod user.

As you can see, the effective permissions are ---. Can you tell me what am I missing here?

Thanks in advance,
Sree
Last edited by Perderabo; 10-31-2003 at 11:01 AM..
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

setfacl

I use: setfacl -m user:bbb:rwx folder1 to give user bbb the permission to go into my folder folder1, and cd folder1 setfacl -m user:bbb:rwx * to give bbb the permission under this folder. however, bbb can not cd to folder1, and got "permission denied" messages. the umask is... (3 Replies)
Discussion started by: fredao
3 Replies

2. UNIX for Dummies Questions & Answers

overriding the mask in setfacl

hello everbody: Im trying to give the user "ydarwish" a full access over some directory on my sol9 machine. however the setfacl is recalculating the mask parameter keeping me from keeping him effective write and read access: root@Obi-Wan> setfacl -m u:ydarwish:rwx /IN_ARCHIVE6 root@Obi-Wan>... (4 Replies)
Discussion started by: aladdin
4 Replies

3. HP-UX

how can I find cpu usage memory usage swap usage and logical volume usage

how can I find cpu usage memory usage swap usage and I want to know CPU usage above X% and contiue Y times and memory usage above X % and contiue Y times my final destination is monitor process logical volume usage above X % and number of Logical voluage above can I not to... (3 Replies)
Discussion started by: alert0919
3 Replies

4. Solaris

How to use setfacl

Hi all, If, for e.g. I have folder with permissions like this: drwxr-xr-x 2 fuad_ftp nms 96 Jan 8 13:55 test I want to give for user user123 acces rwx using setfacl: setfacl -m user:user123:rwx test But effective rights still is r-x because of mask... ... (1 Reply)
Discussion started by: nypreH
1 Replies

5. Solaris

Please help --setfacl: illegal option -- R

when i am executing setfacl -Rm u:ggoyal2:rwx,m:rwx dir i am getting error bash-3.00# setfacl -Rm u:ggoyal2:rwx,m:rwx dir setfacl: illegal option -- R usage: setfacl -f aclfile file ... setfacl -d acl_entries file ... setfacl -m acl_entries file ... setfacl -s acl_entries file... (2 Replies)
Discussion started by: manoj_dahiya22
2 Replies

6. Solaris

Issue with setfacl

Hi Experts, I have set access control to a directory which is under / as /proj1 and set the access to user1 as below Once I logging as user1 I am able to create and modify the file which is created by user1 however I am unable to edit / modify the file which is own by root.... (14 Replies)
Discussion started by: kumarmani
14 Replies

7. AIX

How to monitor the IBM AIX server for I/O usage,memory usage,CPU usage,network..?

How to monitor the IBM AIX server for I/O usage, memory usage, CPU usage, network usage, storage usage? (3 Replies)
Discussion started by: laknar
3 Replies

8. Solaris

setfacl on a directory

Hi All, I am trying to set an ACL for a directory on my Solaris 10 box. I have an application which resides under /opt/CA directory. Application is installed by root and running as root. All log and configuration files are placed under /opt/CA as well. What I am trying to do is granting... (1 Reply)
Discussion started by: niyazi
1 Replies

9. UNIX for Advanced & Expert Users

setfacl directory limit

hello, I am using XFS filesystem & ACL (setfacl/getfacl). I can set ACL entries only for 21 users per one directory. For the 22nd user it shows invalid argument. Has somebody the same problem? I need to override this limit. thnks in advance david (3 Replies)
Discussion started by: sigd
3 Replies

10. UNIX for Dummies Questions & Answers

help needed with setfacl

Hi, On the setfacl, I am trying to make one user with no rwx privilleges. After reading the man page I still can't get it. Please let me know the correct command. set user - SAM to have NO rwx privilleges on NEW objects setfacl -dm user:sam:--- /opt set user - SAM to have NO... (2 Replies)
Discussion started by: samnyc
2 Replies

LEARN ABOUT DEBIAN

lfc-setacl

LFC-SETACL(1)							 LFC User Commands						     LFC-SETACL(1)

NAME

       lfc-setacl - set LFC directory/file access control lists

SYNOPSIS

       lfc-setacl [-d] [-m] [-s] acl_entries path...

DESCRIPTION

       lfc-setacl sets the Access Control List associated with a LFC directory/file.

       acl_entries is a comma separated list of entries. Each entry has colon separated fields: ACL type, id (uid or gid), permission. Only direc-
       tories can have default ACL entries.

       The entries look like:

	    user::perm
	    user:uid:perm
	    group::perm
	    group:gid:perm
	    mask:perm
	    other:perm
	    default:user::perm
	    default:user:uid:perm
	    default:group::perm
	    default:group:gid:perm
	    default:mask:perm
	    default:other:perm

       The ACL type can be abbreviated to the first letter.  The first "user" entry gives the permissions granted to the owner of the  file.   The
       following  "user"  entries  show  the  permissions granted to specific users, they are sorted in ascending order of uid.  The first "group"
       entry gives the permissions granted to the group owner of the file.  The following "group" entries show the permissions granted to specific
       groups,	they  are  sorted  in ascending order of gid.  The "mask" entry is the maximum permission granted to specific users or groups.	It
       does not affect the "owner" and "other" permissions.  The "mask" entry must be present if there are specific  "user"  or  "group"  entries.
       "default"  entries  associated  with a directory are inherited as access ACL by the files or sub-directories created in that directory. The
       umask is not used.  Sub-directories also inherit the default ACL as default ACL.  As soon as there is one default ACL entry, the 3  default
       ACL base entries (default user, default group, default other) must be present.

       The entry processing conforms to the Posix 1003.1e draft standard 17.

       The effective user ID of the process must match the owner of the file or the caller must have ADMIN privilege in the Cupv database.

       path   specifies the LFC pathname.  If path does not start with /, it is prefixed by the content of the LFC_HOME environment variable.

       uid    can be given as the username or the corresponding numeric id.

       gid    can be given as the groupname or the corresponding numeric id.

       perm   can be expressed as a combination of characters rwx- or as a value between 0 and 7.

OPTIONS

       -d     remove ACL entries. The "perm" field is ignored.

       -m     modify existing ACL entries or add new entries.

       -s     set the ACL entries. The complete set of ACL entries is replaced.

EXAMPLES

       Let's create a directory:
	    lfc-mkdir /grid/atlas/test/file.log/d6
       and add write permission for user bcouturi:
	    lfc-setacl -m u:bcouturi:rwx,m:rwx /grid/atlas/test/file.log/d6
       Let's create a directory:
	    lfc-mkdir /grid/atlas/test/file.log/d7
       and add default ACLs to it:
	    lfc-setacl -m d:u::7,d:g::7,d:o:5 /grid/atlas/test/file.log/d7
       Let's check the resulting ACLs:
	    lfc-getacl /grid/atlas/test/file.log/d7
       # file: /grid/atlas/test/file.log/d7
       # owner: baud
       # group: c3
       user::rwx
       group::r-x	       #effective:r-x
       other::r-x
       default:user::rwx
       default:group::rwx
       default:other::r-x

       Let's create a sub-directory and check the resulting ACLs:
	    lfc-mkdir /grid/atlas/test/file.log/d7/d2
	    lfc-getacl /grid/atlas/test/file.log/d7/d2
       # file: /grid/atlas/test/file.log/d7/d2
       # owner: baud
       # group: c3
       user::rwx
       group::rwx	       #effective:rwx
       other::r-x
       default:user::rwx
       default:group::rwx
       default:other::r-x

       Let's create a file in the same directory and check the resulting ACLs:
	    lfc-touch /grid/atlas/test/file.log/d7/f2
	    lfc-getacl /grid/atlas/test/file.log/d7/f2
       # file: /grid/atlas/test/file.log/d7/f2
       # owner: baud
       # group: c3
       user::rw-
       group::rw-	       #effective:rw-
       other::r--

EXIT STATUS

       This program returns 0 if the operation was successful or >0 if the operation failed.

SEE ALSO

       Castor_limits(4), lfc_chmod(3), lfc_chown(3), Cupvlist(1)

AUTHOR

       LCG Grid Deployment Team

LFC
							   $Date: 2003/08/26 06:21:13 $ 					     LFC-SETACL(1)
All times are GMT -4. The time now is 02:12 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy