I am building a glusterfs environment for file storage and need to set up ACL's as there are multiple users that need different types of access. I have ingested ~20TB of needed data to /toplevel dir and:
What I need from ACL as far as permissions on all files and folders is:
group1:rwx
group2:rwx
group3:r--
This it appears I can accomplish with:
The problem I'm having is with the defaults that need to be in place for user folder and file creation inheriting the same permissions. I ran:
However, this did not allow for what I need (possibly due to mask?). If a user in group1 created a folder, another user in group1 could not write to it.
So, in testing a couple things I ran:
This did not change the behavior. Here is the getfacl on /toplevel now:
Does anyone see here what I am doing wrong?
A related question: When configuring the default settings, is using the '-R' ONLY looking for directories to set the defaults or is it traversing files and skipping them, slowing down the process? Or would it be more efficient to do something like:
Thanks in advance, any guidance is greatly appreciated..
HB
---------- Post updated at 05:50 PM ---------- Previous update was at 03:00 PM ----------
Update:
When I create a folder under /toplevel from the command line as directory owner root, I get the following ACL's:
And with these ACL's, I can write to the newly created /toplevel/testing3 with users in group1.
When I create a folder under /toplevel from a CIFS share as a user in group1, I get the following ACL's:
With these ACL's users in group1 other than user.1 are unable to write to the newly created /toplevel/testing4 directory.
Does anyone have any idea of what is going on here?
Thanks,
HB
Update:
I have found that my problem was with my Samba settings (smb.conf). Specifically, I needed to add:
I want to set ACL permissions using this command in solaris 10 , but I get an error message.
server# mkdir dir1
server# setfacl -m user:allan:rwx dir1
setacl error: Operation not applicable
Any one can help in this matter.
Please use CODE tags as required by forum rules! (2 Replies)
Folks,
Solaris 10 issue
When I add a new directory to a path, I only get the "group@" line in the ACL
The parent directory ACL is
drwxrws---+ 12 root teama 12 Jul 18 10:31 .
owner@:rwxp-DaARWc---:------:allow
group@:rwxp-DaARWc--s:fd----:allow
... (0 Replies)
Hi, I want to know what does the "effective" comment means in the output of the getfacl and whether it has to do with the acl mask...
thanks (0 Replies)
Hello All,
I just inherent a new server with RedHat AS4 and ACL file system. I'm new to ACL and was trying to dump the system for backup and got errors that the ACL inodes would not be backed up. I have tried different command for backup such as star pax but found that there is a limitation of... (2 Replies)
I know that IBM's official stance is that NIM does not work on etherchannel environment, but has anyone able to get around it?
I'm working on a p5-590 LPAR system, and the NIM master and clients are all on the same frame.
Any help is appreciated. (1 Reply)
Hi folks, thanks for reading this. I have been asked to manage our company's SCO OpenServer 5 system since the old administrator left. I have a very basic knowledge of Unix, but only the basic commands - ls, ps, chmod, etc.
This server holds thousands of programs (converted Basic programs,... (4 Replies)
Hello genius..!
what do y'all think of these questions...? help appreciated...!
Access Control Lists and privileges....
# Why both file ACLs and user permissions/privileges (not to be confused with rights in ACLs) are used in Windows access control (why not just use one of these)?
# In... (1 Reply)
Hi all,
I've just been handled the responsibility for a FTP-site. Having no experiens of UNIX at all. And now one of my users needs to have full access to the usr directory and all it's subdirectories, don't know why just trying to do what the boss tells me. The type of UNIX is FreeBSD and the... (4 Replies)