[Acl-Devel] Query regarding ACL
Dave Kleikamp
shaggy at linux.vnet.ibm.com
Fri Dec 29 19:03:52 CET 2006
I'll take a stab at answering. Take a look at the ACL(5) man page if
you haven't already.
On Fri, 2006-12-29 at 17:59 +0530, jitender v wrote:
> Hello All,
>
> Got a basic question regarding ACL: what will the permission be for a
> file/directory created in an ACL-configured partition? Does it take the
> UMASK permission or the ACL permission?
If the containing directory has a default ACL, that will be used,
otherwise the permissions will be based on the umask.
> Example:
> Hello,
>
> Got some queries regarding ACLs, please help me.
>
> 1. I got a partition with ACL configured. Operating System is RHEL4
> U-4.
> ]# mount -o acl /dev/sda5 /test
> ]# getfacl test
> # file: .
> # owner: root
> # group: root
> user::rwx
> group::r-x
> mask::r-x
> other::r-x
> ]# ls -ld /test
> drwxr-xr-x 3 root root 1024 Dec 28 13:59 /test
> ]# chown jeetu.apple /test
> drwxr-xr-x 3 jeetu apple 1024 Dec 28 14:01 /test
> ]# cd /test
> ]# mkdir testroot
> ]# ls -ld testroot
> drwxr-xr-x 2 root root 1024 Dec 28 14:10 testroot
> ]# getfacl testroot
> # file: testroot
> # owner: root
> # group: root
> user::rwx
> group::r-x
> other::r-x
> ]# setfacl -m u:jisa:rwx testroot
> ]# getfacl testroot
> # file: testroot
> # owner: root
> # group: root
> user::rwx
> user:jisa:rwx
> group::r-x
> mask::rwx
> other::r-x
> ]# ls -ld testroot
> drwxrwxr-x+ 2 root root 1024 Dec 28 14:52 testroot
>
> * Why does the group permission change here? If I'm not specifying rwx
> for the user jisa and only rx, then the group permission does not
> change.
The group permission bits reflect the mask rather than actual group
permissions. This makes it easily apparent what the maximum access
rights are for anyone other than the owner of the file or directory.
> ]# setfacl -x u:jisa testroot
> ]# setfacl -m u:jisa:rx testroot
> ]# ls -ld testroot
> drwxr-xr-x+ 2 root root 1024 Dec 28 15:12 testroot
> ]# getfacl testroot
> # file: testroot
> # owner: root
> # group: root
> user::rwx
> user:jisa:rx
> group::r-x
> mask::rwx
> other::r-x
>
> * Whenever I create a file/directory, how is the permission set
> for the file/directory? Does it take the UMASK permission of the
> owner who's creating the file/directory, or does it set the permission
> of the parent directory, or does it set it according to the ACL value of
> the parent directory?
>
> Thanks in advance,
> JI
Shaggy
--
David Kleikamp
IBM Linux Technology Center
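Added example, not part of the original message or of the acl project: a small Python model of the two rules in the reply, following the semantics described in acl(5). It derives the `ls` mode string and the effective rights from `getfacl` text, and computes the permission bits of a newly created object with and without a default ACL. The function names and the dictionary representation are assumptions made for this example; the sample ACL is constructed from the listing in the thread.

```python
import re

# Constructed sample: getfacl output from the thread after `setfacl -m u:jisa:rwx testroot`.
SAMPLE = """# file: testroot
# owner: root
# group: root
user::rwx
user:jisa:rwx
group::r-x
mask::rwx
other::r-x
"""
ENTRY = re.compile(r"(user|group|mask|other):([^:]*):([rwx-]{3})")

def parse_acl(text):
    """Parse getfacl text into {(tag, qualifier): 'rwx'}; default: entries are ignored."""
    acl = {}
    for line in text.splitlines():
        m = ENTRY.fullmatch(line.split("#", 1)[0].strip())
        if m:
            acl[(m.group(1), m.group(2))] = m.group(3)
    return acl

def ls_mode(acl, kind="d"):
    """Mode string as ls prints it: with a mask entry, the group column shows the mask."""
    group_col = acl.get(("mask", ""), acl[("group", "")])
    plus = "+" if len(acl) > 3 else ""
    return kind + acl[("user", "")] + group_col + acl[("other", "")] + plus

def effective(acl):
    """Rights actually granted: every entry except owner and other is ANDed with the mask."""
    mask = acl.get(("mask", ""))
    out = {}
    for (tag, qual), perms in acl.items():
        if tag == "mask":
            continue
        if mask and (qual or tag == "group"):
            perms = "".join(p if p == m else "-" for p, m in zip(perms, mask))
        out[(tag, qual)] = perms
    return out

def creation_mode(requested, umask, default_acl=None):
    """Mode bits of a new object: the parent's default ACL replaces the umask when present."""
    if default_acl is None:
        return requested & ~umask
    bits = lambda p: sum(v for c, v in zip(p, (4, 2, 1)) if c != "-")
    group_col = default_acl.get(("mask", ""), default_acl[("group", "")])
    allowed = (bits(default_acl[("user", "")]) << 6 | bits(group_col) << 3
               | bits(default_acl[("other", "")]))
    return requested & allowed
```

When auditing a tree, compare `effective()` with the raw entries: a named user listed as `rwx` under a mask of `r-x` cannot write, and the group column of `ls -l` alone does not say which entries the mask is limiting.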