Re: ACLs on directories



In article <1156903941.188842.286430@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>,
<victorfeng1973@xxxxxxxxx> wrote:
It appears nothing wrong. Is it necessary to put
group:foo:rwx #effective:rwx
default:group:foo:rwx
there since foo is the group owner?

I can replicate without the directory userid/groupid to foo:foo.
# mkdir bar
# chown root:root bar
# chmod u+rwx,g+rwx,o+rx bar
# cat <<EOF | setfacl -f - bar
user::rwx
group::rwx #effective:rwx
group:foo:rwx #effective:rwx
mask:rwx
other:r-x
default:user::rwx
default:group::rwx
default:group:foo:rwx
default:mask:rwx
default:other:r-x
EOF

I think the directory ACLs are correct though fsck(1M) insists
on clearing them. The resulting file ACLs are as I want them
and are left untouched by fsck(1M).

$ touch bar/bar.txt
$ getfacl bar/bar.txt

# file: bar/bar.txt
# owner: foo
# group: foo
user::rw-
group::rw- #effective:rw-
group:foo:rwx #effective:rw-
mask:rw-
other:r--

John
groenveld@xxxxxxx
.