ACLs, permission mask and chmod g=

Svein Halvor Halvorsen svein.h at lvor.halvorsen.cc
Fri Aug 8 22:29:33 UTC 2008


acmeinc wrote:
> You may consider trying chmod 660 filename.

It gives the same result. When changing group permission (either
way) on a file with acls, you're effectively changing the acl mask
instead. Also, if I change acl mask with setfacl, then ls -l will
list the permission mask in the group columns in the output.

If this is by design, then it isn't documented in chmod(1) (or
anywhere else that I can see).

It kinda makes sense this way, though. If you chmod the group
permission, you change all groups' permissions. But I'd like to see
it documented, as it caused me some confusion, and I still think
that this isn't obvious.


> Svein Halvor Halvorsen-4 wrote:
>> If I have acls enabled on a file, running chmod g=rw on that file,
>> will not change its group permissions, but the acl mask.
>>
>> That is, running the following command:
>> 	$ chmod g=rw foo
>>
>> ... is equivalent with
>> 	$ setfacl -m m::rw-
>>
>> ... and not, as I would suspect:
>> 	$ setfacl -m g::rw-
>>
>> In other words, foo will not be read/writable by its default group
>> after the command have been run (unless it was already).
>>
>> I find this behaviour to be very confusing. It might be the correct
>> bahaviour, but if so maybe the chmod(1) manpage, and possibly
>> chmod(2), should be updated to document this?
>>
>>
>> 	Svein Halvor
>>
>>
>>  
>>
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 255 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20080808/e410e06a/signature.pgp


More information about the freebsd-questions mailing list