setting default directory ACLs using xargs
Doug Sampson
dougs at dawnsign.com
Sat Feb 13 05:08:51 UTC 2010
I need to do this at the command prompt for all directories:
root at aries:/data/Products# getfacl -d .
# file: .
# owner: DSP-alfredo
# group: DSP-production
root at aries:/data/Products# getfacl . | setfacl -d -b -n -M - .
root at aries:/data/Products# getfacl -d .
# file: .
# owner: DSP-alfredo
# group: DSP-production
user::rwx
user:DSP-alfredo:rwx
group::rwx
group:DSP-production:rwx
mask::rwx
other::r-x
root at aries:/data/Products#
okay, it works.
Now, I have thousands of subdirectories that I want to apply this to. When I
attempt to use the xarg command with the above command modified to work with
xargs, I end up with an error message:
root at aries:/data/Products/RSVP# find . -type d -print0 | xargs -0 getfacl |
setfacl -d -b -n -M -
setfacl: line too long in -
root at aries:/data/Products/RSVP#
Okay, that doesn't work. What is the output of...
root at aries:/data/Products/RSVP# find . -type d -print0 | xargs -0 getfacl
# file: .
# owner: DSP-alfredo
# group: DSP-production
user::rwx
user:DSP-doug:rwx
user:DSP-alfredo:rwx
group::rwx
group:DSP-production:rwx
mask::rwx
other::r-x
# file: ./.AppleDouble
# owner: DSP-alfredo
# group: DSP-production
user::rwx
user:DSP-doug:rwx
user:DSP-alfredo:rwx
group::rwx
group:DSP-production:rwx
mask::rwx
other::r-x
# file: ./Design
# owner: DSP-alfredo
# group: DSP-production
user::rwx
user:DSP-doug:rwx
user:DSP-alfredo:rwx
group::rwx
group:DSP-production:rwx
mask::rwx
other::r-x
# file: ./Design/Dev Heads
# owner: DSP-alfredo
# group: DSP-production
user::rwx
user:DSP-doug:rwx
user:DSP-alfredo:rwx
group::rwx
group:DSP-production:rwx
mask::rwx
other::r-x
# file: ./Design/Dev Heads/Backup
# owner: DSP-alfredo
# group: DSP-production
user::rwx
user:DSP-doug:rwx
user:DSP-alfredo:rwx
group::rwx
group:DSP-production:rwx
mask::rwx
other::r-x
[ ..snip..]
# file: ./Design/need cleanup/head/OLD
# owner: DSP-alfredo
# group: DSP-production
user::rwx
user:DSP-doug:rwx
user:DSP-alfredo:rwx
group::rwx
group:DSP-production:rwx
mask::rwx
other::r-x
# file: ./Manuscripts
# owner: DSP-matte
# group: DSP-production
user::rwx
user:DSP-doug:rwx
user:DSP-alfredo:rwx
group::rwx
group:DSP-production:rwx
mask::rwx
other::r-x
root at aries:/data/Products/RSVP#
Seems there are approximately 10 lines of output for each 'getfacl' command.
How do I feed each group of ten lines into the next command of 'setfacl'?
The manpages of xargs are a bit cryptic for me.
NOTE: There appears to be a known bug with the 'setfacl' utility when
attempting to set default ACLs on directories. See
http://lists.freebsd.org/pipermail/freebsd-fs/2005-May/001053.html for more
details. This is what led me to the workaround of:
$ getfacl /aclTest/ | setfacl -d -b -n -M - /aclTest/
which actually works for me. I do dread the idea of having to manually apply
this to all existing directories in the /data filesystem. Thousands of them.
Trying again:
root at aries:/data/Products/RSVP# find . -type d -print0 | xargs -0 getfacl .
| setfacl -d -b -n -M -
setfacl: line too long in -
root at aries:/data/Products/RSVP# find . -type d -print0 | xargs -0 getfacl .
| setfacl -d -b -n -M - .
setfacl: line too long in -
root at aries:/data/Products/RSVP# find . -type d -print0 | xargs -0 getfacl .
| xargs -0 setfacl -d -b -n -M - .
setfacl: illegal filename: Inappropriate ioctl for device
root at aries:/data/Products/RSVP# find . -type d -print0 | xargs -0 getfacl .
| setfacl -d -b -n -M - .
setfacl: line too long in -
root at aries:/data/Products/RSVP#
Any ideas?
~Doug
More information about the freebsd-questions
mailing list