xfs
[Top] [All Lists]

Re: Query about setfacl behavior

To: jtrostel@xxxxxxxxxxxxxx
Subject: Re: Query about setfacl behavior
From: Timothy Shimmin <tes@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 1 May 2002 17:25:50 +1000
Cc: linux-xfs@xxxxxxxxxxx
In-reply-to: <XFMail.20020430132028.jtrostel@xxxxxxxxxxxxxx>; from jtrostel@xxxxxxxxxxxxxx on Tue, Apr 30, 2002 at 01:20:28PM -0400
References: <XFMail.20020430132028.jtrostel@xxxxxxxxxxxxxx>
Sender: owner-linux-xfs@xxxxxxxxxxx
On Tue, Apr 30, 2002 at 01:20:28PM -0400, jtrostel@xxxxxxxxxxxxxx wrote:
> I am wondering if this is correct behavior...
> 
Yeah it looks wrong, John. 
It looks like the mask ACE is getting the group permissions.

e.g.
========================================================
[root@sagan xfs1]# getfacl wow
# file: wow
# owner: root
# group: root
user::r--
group::rw-
other::rwx

[root@sagan xfs1]# setfacl -m m::--- wow
[root@sagan xfs1]# getfacl wow
# file: wow
# owner: root
# group: root
user::r--
group::rw-                      #effective:---
mask::---
other::rwx

[root@sagan xfs1]# setfacl -m u::r-x wow
[root@sagan xfs1]# getfacl wow
# file: wow
# owner: root
# group: root
user::r-x
group::rw-
mask::rw-
other::rwx
========================================================

I'll look into it...

--Tim



> Using XFS CVS tip as of this morning (4/30/02) which gives me acl 2.0.10
> 
> [jt@jtsdevel xfs_part]$ getfacl --version
> getfacl 2.0.10
> 
> Set up an xfs partition with acls as follows:
> 
> [jt@jtsdevel xfs_part]$ pwd
> /mnt/xfs_part
> [jt@jtsdevel xfs_part]$ getfacl .
> # file: .
> # owner: root
> # group: root
> user::rwx
> group::rwx
> mask::rwx
> other::rwx
> default:user::rwx
> default:group::rwx
> default:mask::rwx
> default:other::rwx
> 
> I then created a new directoryon that partition, named jts_dir
> 
> [jt@jtsdevel xfs_part]$ mkdir jts_dir
> 
> [jt@jtsdevel xfs_part]$ getfacl jts_dir/
> # file: jts_dir
> # owner: jt
> # group: jt
> user::rwx
> group::rwx
> mask::rwx
> other::rwx
> default:user::rwx
> default:group::rwx
> default:mask::rwx
> default:other::rwx
> 
> Now.. I added an auxillary user 'a1' to the access aces.
> 
> [jt@jtsdevel xfs_part]$ setfacl -m u:a1:rwx jts_dir/
> [jt@jtsdevel xfs_part]$ getfacl jts_dir/
> # file: jts_dir
> # owner: jt
> # group: jt
> user::rwx
> user:a1:rwx
> group::rwx
> mask::rwx
> other::rwx
> default:user::rwx
> default:group::rwx
> default:mask::rwx
> default:other::rwx
> 
> Change the mask ace to no perms
> 
> [jt@jtsdevel xfs_part]$ setfacl -m m::--- jts_dir/
> [jt@jtsdevel xfs_part]$ getfacl jts_dir/
> # file: jts_dir
> # owner: jt
> # group: jt
> user::rwx
> user:a1:rwx                     #effective:---
> group::rwx                      #effective:---
> mask::---
> other::rwx
> default:user::rwx
> default:group::rwx
> default:mask::rwx
> default:other::rwx
> 
> NOW!  Change the aux. user 'a1' perms to something else, for instance 'rw'. 
> The
> mask ace is also changed now. (It went from --- to rwx)  Why?
> 
> 
> [jt@jtsdevel xfs_part]$ setfacl -m u:a1:rw jts_dir/
> [jt@jtsdevel xfs_part]$ getfacl jts_dir/
> # file: jts_dir
> # owner: jt
> # group: jt
> user::rwx
> user:a1:rw-
> group::rwx
> mask::rwx
> other::rwx
> default:user::rwx
> default:group::rwx
> default:mask::rwx
> default:other::rwx
> 
> P.S. (For XFS folks: chacl -l returns the same values)
> 
> -- 
> John M. Trostel
> Senior Software Engineer
> Quantum Corp. / NASD
> jtrostel@xxxxxxxxxxxxxx
> 


<Prev in Thread] Current Thread [Next in Thread>