[Acl-Devel] Calculating effective ACLs
Andreas Gruenbacher
agruen at suse.de
Fri Aug 18 05:20:30 CEST 2006
On Wednesday 16 August 2006 02:18, Jake Goulding wrote:
> I have a sticky situation where I would like to get the effective ACL
> for a file. For example:
>
> GROUP 1: a, b, c
> GROUP 2: b, d, e
> GROUP 3: b
>
> If I have this directory structure:
> /alpha/beta/omega/file.txt
>
> with the following permissions:
> alpha is root:group1 - 0770
> beta is apache:group2 - 0770
> omega is b:group3 - 0770
> file.txt is b:group1 - 0777
>
> Now, if I use the ACL functions, I will see that b, group2, and other
> can all read this file.
> However, no one but b can get into omega, no one but apache and group2
> can get into beta, and root and group1 can get into alpha.
>
> So, realistically, only b can get to the file, as no one else has
> execute permissions all the way to that file. Is there some way I can
> calculate who these people are?
You just did that: root and users which are in all three groups have full
access to /alpha/beta/omega/file.txt. There is no way to express this as a
single ACL.
Andreas
More information about the acl-devel
mailing list