On 29-Apr-2002 Ethan Benson wrote:
> On Mon, Apr 29, 2002 at 10:50:31AM -0400, jtrostel@xxxxxxxxxxxxxx wrote:
>
>> [root@jtsdell test_dir]# mkdir foo_dir
>> [root@jtsdell test_dir]# getfacl foo_dir
>> # file: foo_dir
>> # owner: root
>> # group: root
>> user::rwx
>> user:a100:r--
> ^^^^
> and this is not broken?
Er... um... I don't think so. I had an access and a default acl on the parent
directory of
user::rwx
group::r-x
other::r-x
default:user::rwx
default:user:a100:r--
default:group::r-x
default:mask::r-x
default:other::r-x
The default acl will be applied to foo_dir
[root@jtsdell test_dir]# mkdir foo_dir
[root@jtsdell test_dir]# getfacl foo_dir
# file: foo_dir
# owner: root
# group: root
user::rwx
user:a100:r--
group::r-x
mask::r-x
other::r-x
default:user::rwx
default:user:a100:r--
default:group::r-x
default:mask::r-x
default:other::r-x
So both the default and the access acls on foo_dir are the same and include an
entry of r-- for the additional user 'a100'.
>From the 'acl' man page:
If a default ACL is associated with a directory, the mode parameter to
the functions creating file objects and the default ACL of the directory
are used to determine the ACL of the new object:
1. The new object inherits the default ACL of the containing directory
as its access ACL.
2. The access ACL entries corresponding to the file permission bits are
modified so that they contain no permissions that are not contained
in the permissions specified by the mode parameter.
--
John M. Trostel
Senior Software Engineer
Quantum Corp. / NASD
jtrostel@xxxxxxxxxxxxxx
|