Re: 5.1 setfacl problem

• Previous message: Branko F. Gracnar: "Re: ufs2 snapshots in 5.1 still broken"
• In reply to: Branko F. Gračnar: "5.1 setfacl problem"
• Next in thread: Branko F. Gracnar: "Re: 5.1 setfacl problem"
• Reply: Branko F. Gracnar: "Re: 5.1 setfacl problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 19 Jul 2003 18:00:49 -0400 (EDT)
To: "Branko F. Gračnar" <bfg@noviforum.si>

On Sat, 19 Jul 2003, [iso-8859-2] Branko F. Gračnar wrote:

> Hi there!
>
> I'm running 5.1 on i386 platform and i have silly problem with acls.
>
> I have disks mounted with acl option (ofcourse they are formatted with
> ufs2) and acls generally work okay.
>
> But when i try to set default directory acl entry i get 'Invalid
> argument' error.
>
> Here is example command usage:
>
> # setfacl -dm m::rwx,u:some_user:rwx test_directory
> setfacl: acl_set_file() failed for test_directory: Invalid argument
>
> This is really annoying...
>
> Any ideas, how to solve this?

POSIX.1eD17 23.1.3 requires that default ACLs have the same minimum
entries as an access ACL, meaning that all default ACLs must contain at
least object owner, object group, and other fields. If you have extended
entries, you must also have a mask field. If the test_directory above
doesn't already have an ACL on it to modify, the command you're using will
specify what POSIX.1e considers an incomplete ACL and rejects. Try using:

  setfacl -dm u::rwx,g::rx,o::rx,u:some_user:rwx,m:rwx test_directory

and see if that works better for you. If so, that was probably the
problem. I haven't checked to see if other implementations have different
interpretations of POSIX.1e, or bend the rules in various ways, but they
might well do. We could, in theory, weaken the rules, but the logic to
combine partial default ACLs, requested creation mode, and umask would be
complicated...

Robert N M Watson FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org Network Associates Laboratories

_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"

• Previous message: Branko F. Gracnar: "Re: ufs2 snapshots in 5.1 still broken"
• In reply to: Branko F. Gračnar: "5.1 setfacl problem"
• Next in thread: Branko F. Gracnar: "Re: 5.1 setfacl problem"
• Reply: Branko F. Gracnar: "Re: 5.1 setfacl problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Thinking outside the box on file systems ... Kyle Moffett wrote: ... permissions described by the "default:" entries in the ACL, ... subdirectories will get a copy of said "default:" entries. ... although I would give write permissions to a group ... (Linux-Kernel) Re: possible NIS/ACL bug? ... > entries for the two ACL added groups, but no GID seems to have ... > been stored with each entry, whereas the example in the daemon ... (freebsd-current) Re: AutoText tables with unwanted auto borders ... Just by the way--AutoText entries are saved in the Normal template, ... ACL file should not make a difference. ... that was the corrupt file. ... (microsoft.public.mac.office.word) Re: Auto Correct ... AutoCorrect entries are stored in two places: ... * The "Formatted" ones are in the template along with ... the macro will delete entries from either the ACL or the ... If AutoCorrect entries are held in the MS Office ACL ... (microsoft.public.mac.office.word) [PATCH 008 of 9] knfsd: nfsd4: acls: avoid unnecessary denies ... in an acl. ... That's fine, but we're doing that by inserting a deny after *every* allow, ... Also replaced some helper functions for creating acl entries; ... (Linux-Kernel)