UNIX for Advanced & Expert Users

Hi, i think i have found a bug in the unix ACL permissions.
I tested this problem in the Ubuntu 9.10 and in SLES 10 and 11, all of them with setfacl 2.2.47.

Well, I have done the following test:

1) Create a folder and set some named user, and set the same ACL entry for the Default ACL, like the following example:

Code:

mkdir dir1
setfacl -m u:rodrigo:rwx dir1/
setfacl -d -m u:rodrigo:rwx dir1/
getfacl dir1/
# file: dir1/
# owner: root
# group: root
user::rwx
user:rodrigo:rwx
group::r-x
mask::rwx
other::r-x
default:user::rwx
default:user:rodrigo:rwx
default:group::r-x
default:mask::rwx
default:other::r-x

At this moment I'm getting the following result when I type ls -l:

Code:

drwxrwxr-x+ 3 root root 4096 2010-04-18 10:35 dir1

Note that the permissions for the owner group is different than the ones shows by the getfacl command!

2) Now I create a file in this directory, that should inherit the Default ACL from dir1/

Code:

cd dir1/
touch file1
getfacl dir1/
# file: file1
# owner: rodrigo
# group: rodrigo
user::rw-
user:rodrigo:rwx        #effective:rw-
group::r-x            #effective:r--
mask::rw-
other::r--

Note that some permissions are different from the ones in the Default ACL in the dir1/

My question is: why the file1's permissions are diferrent from the dir1's default ACL entries? Is this a bug?

Thanks for reading!

No answers?

The result you got is the expected result.

See Handling ACLs especially the parts about masks.

THANKS VERY MUCH!!!!!!

I searched for this information before posting, but found nothing.

Once again, thanks very much!

Now trying to understand the recursive ACL...

Just to add some info, you might want to have a look at the richer NFSv4 ACLs... some systems only support this kind of ACLs and will compain if you try to use POSIX ACLs.