Here's another example.
-----begin user test-----
[austin@UberGeek test]$ chacl u::rwx,g::rwx,o::r-x,u:root:r--,m::rwx
somefile
[austin@UberGeek test]$ ls -l
total 4
-rwxrwxr-x 1 austin austin 0 May 15 12:09 somefile
[austin@UberGeek test]$ chmod 777 somefile
[austin@UberGeek test]$ ls -l
total 4
-rwxrwxrwx 1 austin austin 0 May 15 12:09 somefile
[austin@UberGeek test]$ chacl -l somefile
somefile [u::rwx,g::rwx,o::rwx,u:root:r--,m::rwx]
[austin@UberGeek test]$ rm somefile
[austin@UberGeek test]$ ls
[austin@UberGeek test]$
-----end user test-----
What good did that do?
So let's do that as root...
-----begin root test-----
[austin@UberGeek test]$ su
Password:
[root@UberGeek test]# chacl u::rwx,g::rwx,o::r-x,u:root:r--,m::rwx
somefile
chacl: error setting access acl on "somefile": No such file or directory
[root@UberGeek test]# touch somefile
[root@UberGeek test]# chacl u::rwx,g::rwx,o::r-x,u:root:r--,m::rwx
somefile
[root@UberGeek test]# ls -l
total 4
-rwxrwxr-x 1 root root 0 May 15 12:13 somefile
[root@UberGeek test]# chown austin:austin somefile
[root@UberGeek test]# ls -l
total 4
-rwxrwxr-x 1 austin austin 0 May 15 12:13 somefile
[root@UberGeek test]# exit
[austin@UberGeek test]$ chacl -l somefile
somefile [u::rwx,g::rwx,o::r-x,u:root:r--,m::rwx]
[austin@UberGeek test]$ rm somefile
[austin@UberGeek test]$ ls
-----end root test-----
So what's the point. I still don't see it. I see no strict enforcement of
the ACL. I'm not in the root group, no super powers..just rm. :)
--
Austin Gonyou
Systems Architect, CCNA
Coremetrics, Inc.
Phone: 512-796-9023
email: austin@xxxxxxxxxxxxxxx
|