Problem with default ACLs and mask

Heinrich Rebehn rebehn at ant.uni-bremen.de
Thu Oct 13 23:28:09 PDT 2005


Hi list,

Since I got no reply on the questions@ ML, I try my luck here:


I want to use ACLs to enable the group "wiss" to delete all files that a
lab user has created in his home directory "/export/homes/lab/a1".
I set up ACLs as follows:

root at antsrv1 [/export/homes/lab] # getfacl a1
#file:a1
#owner:624
#group:1022
user::rwx
group::---
group:wiss:rwx
mask::rwx
other::---
root at antsrv1 [/export/homes/lab] # getfacl -d a1
#file:a1
#owner:624
#group:1022
user::rwx
group::---
group:wiss:rwx
mask::rwx
other::---

Now we create a directory in ~a1:

root at antsrv1 [/export/homes/lab] # cd a1
root at antsrv1 [/export/homes/lab/a1] # mkdir d
root at antsrv1 [/export/homes/lab/a1] # getfacl d
#file:d
#owner:0
#group:1022
user::rwx
group::---
group:wiss:rwx          # effective: r-x
mask::r-x
other::---

The mask has not been inherited from the upper level directory!

The next directory has been created by the user extracting a tar ball:

root at antsrv1 [/export/homes/lab/a1] # getfacl STonX-0.6.5/
#file:STonX-0.6.5/
#owner:624
#group:1022
user::rwx
group::---
group:wiss:rwx          # effective: --x
mask::--x
other::---

In this case, the "wiss" group cannot even read the directory.

So, my idea to enable the wiss group to manage the lab user's files does
not seem to work.

Am I doing something wrong here? Why is the mask not propagated?
Any hint would be greatly appreciated.

I am using 5.4-RELEASE-p7, the filesystem is UFS2.

Update: I saw a post suggesting using different umasks, but that did not
work either (besides being a bit of a clumsy solution).
-- 

Heinrich Rebehn

University of Bremen
Physics / Electrical and Electronics Engineering
- Department of Telecommunications -

Phone : +49/421/218-4664
Fax   :            -3341
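
Added example, not part of the original post and not FreeBSD code: a small Python model of how a new object's access ACL is derived from the parent's default ACL, and how mask:: limits the "effective" rights getfacl prints. It assumes POSIX.1e-style semantics in which the requested creation mode, after the umask is applied, caps user::, mask:: and other::. The umask 022 and the tarball directory mode 0711 are constructed values; the post does not state them.

```python
# Added example: model of default-ACL inheritance (assumed POSIX.1e-style rules).
DEFAULT_A1 = """#file:a1
user::rwx
group::---
group:wiss:rwx
mask::rwx
other::---"""          # default ACL of a1, copied from the post

def perm_bits(s):      # "r-x" -> 5
    return sum(bit for ch, bit in zip(s, (4, 2, 1)) if ch != "-")

def perm_str(b):       # 5 -> "r-x"
    return "".join(c if b & bit else "-" for c, bit in zip("rwx", (4, 2, 1)))

def parse_acl(text):
    """Parse getfacl output into (tag, qualifier, perm_bits) tuples."""
    entries = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop headers and "# effective:" notes
        if line:
            tag, qual, perms = line.split(":")
            entries.append((tag, qual, perm_bits(perms)))
    return entries

def inherit(default_acl, mode, umask):
    """ASSUMPTION: mode & ~umask caps user::, mask:: (or group:: when the
    ACL has no mask) and other::; named entries are copied unchanged."""
    m = mode & ~umask
    has_mask = any(t == "mask" for t, _, _ in default_acl)
    group_tag = "mask" if has_mask else "group"
    cap = {("user", ""): m >> 6 & 7, (group_tag, ""): m >> 3 & 7, ("other", ""): m & 7}
    return [(t, q, p & cap.get((t, q), 7)) for t, q, p in default_acl]

def effective(acl):
    """group::, named users and named groups are limited by mask::."""
    mask = next((p for t, _, p in acl if t == "mask"), 7)
    out = {}
    for t, q, p in acl:
        limited = t == "group" or (t == "user" and q != "")
        out[f"{t}:{q}"] = perm_str(p & mask if limited else p)
    return out

if __name__ == "__main__":
    parent = parse_acl(DEFAULT_A1)
    # mkdir requests 0777; umask 022 is a constructed value.
    print("mkdir d    ->", effective(inherit(parent, 0o777, 0o022)))
    # Directory mode 0711 stored in the tarball is a constructed value.
    print("tar x dir  ->", effective(inherit(parent, 0o711, 0o022)))
```

Under these assumptions the model yields mask::r-x for the mkdir case and mask::--x for the extracted directory, matching the two getfacl listings in the post.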

