default ACL's permission problems

From: paul (reetix_at_gmail.com)
Date: 03/18/05

  • Next message: Jerry McAllister: "Re: Default mysql config file" 
    Date: Fri, 18 Mar 2005 22:30:25 +0000
To: freebsd-questions@freebsd.org

    hello,

    This applies to FreeBSD 5.3 Release:

    I've followed the examples on setting up default acl's located at this website:

    'Working With ACLs in FreeBSD 5.x'
    http://ezine.daemonnews.org/200310/acl.html

    I'm having problems with this:

    % umask 027
    % mkdir dir

    setfacl -m u::rwx,m::rwx,g::rx,o::rx dir
    setfacl -dm u::rwx,m::rwx,g::rx,o::rx dir

    setfacl -dm u:gregory:rwx,m::rwx dir

    % touch dir/file.txt
    % getfacl dir/file.txt

    #file:dir/file.txt
    #owner:1009
    #group:0
    user::rw-
    user:gregory:rwx # effective: r--
    group::r-x # effective: r--
    mask::r--
    other::---

    when i attempt to write to file.txt as user gregory, I get permission
    denied - I can see that this is what I should expect because the mask
    is r--, but why? I've set rwx above? I saw a similar post on this
    list, and it is mentions that the file will be masked with umask. am I
    suppose to change my umask ? if so, why? why can't I set acl's to
    simply apply the default acl which I've set on the dir to any
    dirs/files created in that directory regardless of umask?

    Any help would be appreciated,

    Regards,

    Paul
    Manchester, UK
    _______________________________________________
    freebsd-questions@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-questions
    To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

  • Next message: Jerry McAllister: "Re: Default mysql config file"

    Relevant Pages

    • Re: File System ACLs: Where to go from here in FreeBSD?
      ... > believe) also switched to the Solaris model. ... The first system I saw ACLs on was AFS, which used ACLs to extend and ... FreeBSD can take advantage of the work already put into Darwin. ... > interoperability with Linux, Solaris, IRIX, and so on. ...
      (FreeBSD-Security)
    • Re: Access Control
      ... > access control systemin FreeBSD. ... Most of the TrustedBSD work is still experimental -- that said, ... the past few months, including ACLs and Capabilities. ... currently lacks a POSIX.2c-compliant ACL setting tool, ...
      (FreeBSD-Security)
    • Re: Who is using ACLs in production?
      ... > Anyone using ACLs in production on FreeBSD 5.x? ... While not a "traditional" production environment, ... ACLs to keep user home directories relatively private but accessible at ...
      (freebsd-questions)
    • Re: ftp
      ... umask on FreeBSD is 022, which means that all users files ... I typically change the umask ... > By default every user has rights to their own home directory. ...
      (FreeBSD-Security)
    • Re: [SLE] How can I do this?
      ... >>ACLs will do what he wants. ... I came over from RedHat which used a default umask of 002 and private ... find a way to get NFS to honor the ACL set umask, ...
      (SuSE)