
RE: Setting Permissions with ACLs



See comments below.

--On Monday, June 04, 2001 10:48 AM -0400 John Trostel 
<jtrostel@connex.com> wrote:

> Are you the original owner of the files you are trying to change the ACLs
> of?

Yes, and I'm able to change the ACLs.

>
> Try this and tell me what you see:
>
> 1. In an XFS directory you own, create a file:
>
>  $ touch a_file
>
> 2. check the permissions (assuming a standard umask)
>
>  $ ls -l a_file
>  -rw-rw-r--    1 jt       jt              0 Jun  4 10:38 a_file
>  $

   -rw-r--r-- 	1 peltman   peltman   0 Jun 4  09:53 a_file

>
> 3. check the permission with 'chacl' (no ACL applied yet)
>
>  $ chacl -l a_file
>  a_file []
>

Yup, looks good...

> 4. change the ACL using 'chacl' and check again
>
>  $ chacl u::rwx,g::r-x,o::r--,u:user1:r--,m::r-x a_file
>  $ chacl -l a_file
>   a_file [u::rwx,g::r-x,o::r--,u:user1:r--,m::r-x]
>

This part looks good too - but here's where I find problems...  If I have a 
user that I've specified (user1, in this instance) with write access log 
into the server (using netatalk - but this doesn't seem to matter), they 
cannot open the file if the file isn't chmod'ed to give "other" write 
access.  Even though the user is given write access in the ACL, they cannot 
exercise that access unless it is also allowed in "chmod"  (the file 
belongs to peltman:peltman - and of course the user is not in either of 
those groups - so unless they are set to chmod 006 or 007, then the ACL 
doesn't seem to be able to grant any access that the chmod denies).



>
> On 04-Jun-2001 Stephen VanPelt wrote:
>> Hello there,
>>
>> I'm running Redhat 7.1 with XFS, and I've got a quick question about
>> setting permissions using the ACLs.  I tried many different
>> configurations  when setting permissions on a directory and on a file,
>> but I found that the  ACLs can only grant permissions on files that I've
>> chmod'ed to 777.  Basically I'm finding that the ACLs cannot grant a
>> right that has not  already been granted by chmod, although the ACLs
>> will in fact restrict  access that has been authorized by chmod.
>>
>> I'm just making sure that I'm doing everything in the best possible
>> manner,  and that I have not missed a step here.  I'm very new to the
>> linux ACL game  (never touched an Irix machine in my life), and I'm a
>> little wary :)
>>
>> Thanks for any help or suggestions you might have,
>>
>> Stephen VanPelt
>>
>>
>>
>> Stephen VanPelt
>> Information Technology Consultant
>> MUSC Center for Drug and Alcohol Programs
>> PH: 843-792-5558 Internet:   vanpelts@musc.edu
>>
>>
>> __________________BEGIN FOOTER___________________
>> **The Views Expressed by the Author of this Message are not **
>> **necessarily those of the Medical University of South Carolina**
>
> --
> John M. Trostel
> Linux OS Engineer
> Connex
> jtrostel@connex.com





Stephen VanPelt
Information Technology Consultant
MUSC Center for Drug and Alcohol Programs
PH: 843-792-5558 Internet:   vanpelts@musc.edu


__________________BEGIN FOOTER___________________
**The Views Expressed by the Author of this Message are not **
**necessarily those of the Medical University of South Carolina**
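
Added example, not part of either message: a small Python model of the access check algorithm documented in acl(5) for POSIX.1e-style ACLs, applied to the ACL string from step 4 above. The helper names, the two constructed variants that give user1 `rw-`, and the assumption that user1 is neither the owner nor in the file's group are illustrative; this models the documented algorithm, not the behaviour of the poster's system.

```python
# Added illustration: models the access check algorithm documented in acl(5).
# parse_acl and check_access are hypothetical helper names, not a library API.

def parse_acl(text):
    """Parse a chacl-style ACL string into a dict of permission sets."""
    acl = {"u": set(), "g": set(), "o": set(), "m": None, "users": {}, "groups": {}}
    for entry in text.split(","):
        tag, qualifier, perms = entry.strip().split(":")
        if tag not in ("u", "g", "o", "m"):
            raise ValueError(f"unknown ACL tag: {tag!r}")
        bits = set(perms) - {"-"}
        if qualifier and tag == "u":
            acl["users"][qualifier] = bits      # named user entry
        elif qualifier and tag == "g":
            acl["groups"][qualifier] = bits     # named group entry
        elif qualifier:
            raise ValueError(f"tag {tag!r} takes no qualifier")
        else:
            acl[tag] = bits                     # owner, owning group, other or mask
    return acl

def check_access(acl, owner, group, user, user_groups, wanted):
    """Return True if `user` is granted every permission in `wanted` (e.g. "rw")."""
    wanted = set(wanted)
    mask = acl["m"]

    def effective(bits):
        # The mask caps named-user, owning-group and named-group entries only.
        return bits if mask is None else bits & mask

    if user == owner:                           # step 1: owner entry, mask not applied
        return wanted <= acl["u"]
    if user in acl["users"]:                    # step 2: named user entry AND mask
        return wanted <= effective(acl["users"][user])
    matching = [acl["g"]] if group in user_groups else []
    matching += [bits for name, bits in acl["groups"].items() if name in user_groups]
    if matching:                                # step 3: a matching group entry AND mask
        return any(wanted <= effective(bits) for bits in matching)
    return wanted <= acl["o"]                   # step 4: "other" is consulted only here

THREAD_ACL = parse_acl("u::rwx,g::r-x,o::r--,u:user1:r--,m::r-x")  # from the thread
# Constructed variants: user1 granted rw-, under a restrictive and a permissive mask.
MASKED_ACL = parse_acl("u::rwx,g::r-x,o::r--,u:user1:rw-,m::r-x")
OPEN_ACL = parse_acl("u::rwx,g::r-x,o::r--,u:user1:rw-,m::rwx")

if __name__ == "__main__":
    for name, acl in (("thread", THREAD_ACL), ("masked", MASKED_ACL), ("open", OPEN_ACL)):
        print(name, {p: check_access(acl, "peltman", "peltman", "user1", ["user1"], p)
                     for p in "rwx"})
```

On a file that carries a mask entry, the group bits shown by `ls -l` reflect the mask, so a `chmod` that changes the group bits changes what named users can effectively do.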