On Mon, Apr 29, 2002 at 08:34:02PM -0400, jtrostel@xxxxxxxxxxxxxx wrote:
> default:user::rwx
> default:user:a100:r--
> default:group::r-x
> default:mask::r-x
> default:other::r-x
>
> The default acl will be applied to foo_dir
so please explain how to set a default acl which will grant user a100
r-- for newly created files and r-x for newly created directories.
> So both the default and the access acls on foo_dir are the same and include an
> entry of r-- for the additional user 'a100'.
>
> >From the 'acl' man page:
>
> If a default ACL is associated with a directory, the mode parameter to
> the functions creating file objects and the default ACL of the directory
> are used to determine the ACL of the new object:
>
> 1. The new object inherits the default ACL of the containing directory
> as its access ACL.
>
> 2. The access ACL entries corresponding to the file permission bits are
> modified so that they contain no permissions that are not contained
> in the permissions specified by the mode parameter.
>
the way i read this #2 should ensure that execute permission is
removed from user a100 for file creation if the default acl lists
a100:r-x, but thats not what occurs, user a100 is always given execute
permission to the newly created file, which is not desired.
--
Ethan Benson
http://www.alaska.net/~erbenson/
pgpT6y4q8rvmK.pgp
Description: PGP signature
|