Hi John,
On Wed, Dec 26, 2001 at 11:01:38AM +0800, niu@xxxxxxxxxxxxxxxxxxxx wrote:
> Hi XFS guys,
>
> I'm using ACLs of linux XFS to manage my share files. Recently, I
> encounter a confused problem: If a user belongs to multiple groups, and
> all the groups are set ALCs to a file(directory), then how about the
> user's permission to this file(directory)?
>
> I've do some test, the result looks like that: for file, the user's
> permission is the combination(OR operation) of his groups ACLs; but
> for directory, the user's permission looks weird, it's neither OR
> operation nor AND operation of his groups ACLs.
>
> Could you explain more details about the rule of XFS ACLs? Thank you.
>
> John
>
>
XFS ACLs are based on the Posix 1003.1e draft standard 17 (Section 23).
This withdrawn Posix ACL standard can be downloaded at:
http://wt.xpilot.org/posix.1e/download.html
Andreas Grünbacher's site: http://acl.bestbits.at/
is also a useful resource.
So if you are going to use ACLs it is worth doing some ACL reading :)
I don't fully understand your problem.
Perhaps you can list the set of commands that you used
and the output from them.
Checkout the section 23.1.2 (Relationship with File permission Bits)
to see how the ACL ACEs match up with the standard file permission
bits.
In particular one would note that the group permission bits
reflect the Mask permission bits when a Mask ACE exists
and Section B.23.3.6 (in Annex B) discusses reasons why this
scheme was chosen.
(Also worthy of note, is that if you create a file whose parent dir
has a default ACL, then it's ACE permissions are set by the
_intersection_ of the respective default ACEs permission bits and
the mode bits of the parameter to open/creat.
If you have a MASK ACE (section 5.3.1.2), then the
ACE permissions on the new file will have a MASK ACE equal to
the intersection of the default MASK ACE permission bits
and the standard group permission bits of the parameter to open/creat.)
--Tim
|