5.1-R acl problem (again)

From: Branko F. Gračnar <bfg_at_noviforum.si>
Date: Sat, 9 Aug 2003 19:41:52 +0200
Hi

Today I added a new disk partition to my 5.1-release box. I want to use ACLs, which are enabled in the kernel; they work partially. They work on a single directory or file, but they don't even apply to the file/directory when I try to set a so-called default ACL entry.

I attached my kernel config file. Additionally, I've got the OpenBSD pf module (firewall) loaded.

Any help would be much appreciated.

Brane

Command sequence was:

# newfs -O 2 -L export -U -m 0 -o space /dev/ad0s2d
... lots of numbers ...

# tunefs -a enable /dev/ad0s2d
tunefs: ACLs set

# mount /dev/ad0s2d /export

# mount | grep /export
/dev/ad0s2d on /export (ufs, local, soft-updates, acls)


Now I create the directory /export/a. I want it to be owned by root:wheel, others will not have any access at all, and I want user branko to have rw access to it.

# mkdir a

# getfacl a
#file:a
#owner:0
#group:0
user::rwx
group::r-x
other::r-x

# setfacl -m u::rwx,g::rx,o::---,u:branko:rwx a

# getfacl a
#file:a
#owner:0
#group:0
user::rwx
user:branko:rwx
group::r-x
mask::rwx
other::---

(testing as branko - works okay)

Now, if root creates some files (or dirs) in 'a', the owner of that file will be root and only the standard Unix triple ACL will be assigned, so that user branko will not be able to access that file read/write.

Well, it seems that the default directory ACL needs to be set to achieve the above goal.

# setfacl -b a

# setfacl -dm u::rwx,g::rwx,o::--,u:branko:rwx a

# getfacl a
#file:a
#owner:0
#group:0
user::rwx
group::r-x
mask::r-x
other::---

WHOOPS, where is user branko?! Why were the group's ACLs not altered from 'r-x' to 'rwx'?!

Of course, trying to access directory 'a' as branko doesn't succeed.
Received on Sat Aug 09 2003 - 09:28:12 UTC
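
An added illustration, not part of the original message and not FreeBSD code: a small Python model of POSIX.1e semantics, in which a directory holds an access ACL (printed by `getfacl`) and a separate default ACL (written by `setfacl -d`, printed by `getfacl -d`) that new objects inherit. The names `Node`, `setfacl_m` and `create` are hypothetical, the demo starts from a fresh `mkdir`, and umask handling is left out as an assumption.

```python
# Toy model of POSIX.1e ACL semantics (added example, not FreeBSD code).
TYPES = {"u": "user", "g": "group", "o": "other", "m": "mask"}

def bits(perm):   # "r-x" -> 5; short forms such as "rx" or "--" are accepted
    return sum({"r": 4, "w": 2, "x": 1}.get(c, 0) for c in perm)

def text(n):      # 5 -> "r-x"
    return "".join(c if n & v else "-" for c, v in zip("rwx", (4, 2, 1)))

class Node:
    def __init__(self, mode):
        # Access ACL: governs access to this object; plain `getfacl` prints it.
        self.access = {"user::": mode >> 6 & 7, "group::": mode >> 3 & 7,
                       "other::": mode & 7}
        self.default = None   # default ACL: template for children only

def setfacl_m(node, spec, default=False):
    """Model `setfacl -m spec`; default=True models `setfacl -d -m spec`.
    A new default ACL must name user::, group:: and other:: in spec."""
    if default and node.default is None:
        node.default = {}
    acl = node.default if default else node.access
    for entry in spec.split(","):
        kind, qualifier, perm = entry.split(":")
        acl[f"{TYPES[kind]}:{qualifier}:"] = bits(perm)
    named = [k for k in acl if k.split(":")[1]]
    if named:                 # mask = union of group:: and all named entries
        acl["mask::"] = acl.get("group::", 0)
        for k in named:
            acl["mask::"] |= acl[k]

def create(parent, mode, is_dir=False):
    """New object in `parent`; `mode` is the creation mode (umask left out)."""
    child = Node(mode)
    if parent.default is not None:   # default ACL becomes the child's access ACL
        acl = dict(parent.default)
        acl["user::"] &= mode >> 6 & 7
        group_class = "mask::" if "mask::" in acl else "group::"
        acl[group_class] &= mode >> 3 & 7
        acl["other::"] &= mode & 7
        child.access = acl
        child.default = dict(parent.default) if is_dir else None
    return child

def show(acl):
    return [f"{k}{text(v)}" for k, v in acl.items()]

def demo():
    a = Node(0o755)                                               # mkdir a
    setfacl_m(a, "u::rwx,g::rwx,o::--,u:branko:rwx", default=True)
    f = create(a, 0o666)                                          # root creates a/f
    return show(a.access), show(a.default), show(f.access)
```

In the model, the `-d` call leaves the directory's access ACL untouched, so access to the directory itself is still decided by the entries that plain `getfacl` lists.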
