|Subject:||Default ACL execute permission inheritance|
|From:||"Daniel J. Mastrian" <djm2@xxxxxxxxxxxxxx>|
|Date:||Tue, 07 Aug 2001 21:45:48 -0400|
I've searched through the Linux-XFS mailing list archives, searched through
google, and even skimmed the IEEE Posix 1003.1e draft standard, and perhaps
I'm just dense, but I haven't found a sufficient answer to this question
about ACLs (in general...although in this case I am using XFS on Linux)|
I want the user and group who owns /foo to have rw- for all files, and rwx for all directories. I want user apache to have r-- for all files, and r-x for all directories. Everyone else should have --- (although I want to leave the option open to give a specific user write access later on, for example)
So say I set /foo to have this default ACL... u::rwx,g::rwx,o::---,m::rwx,u:apache:r-x
Now, if I create a directory /foo/bar, bar has an access ACL and a default ACL identical to /foo's default ACL. Correct, intended behavior, yay.
However, if I 'touch somefile', I get a file access ACL that is not what I expected...
I see two things wrong with this. (1) ACL_GROUP_OBJ has rwx perms. It should not be able to execute. I believe someone else on this list mentioned that this was part of the standard, although weird. If this is intended behavior, could someone please confirm it? (2) apache has r-x perms, and should also not have the execute bit set. Shouldn't the execute bit have been dropped by intersection with the rw-rw-rw- creation permissions?
I'll admit, I've never used ACLs before in Linux (or Irix), but something seems broken here. That "something" is most likely me :), but I'd feel a lot better if someone could explain either what I'm doing wrong, or why this is the way it is.
Thanks so much!
======================== Dan Mastrian djm2@xxxxxxxxxxxxxx ========================
|<Prev in Thread]||Current Thread||[Next in Thread>|
|Previous by Date:||Kernel patches, Charles R. Tersteeg|
|Next by Date:||Re: Kernel Oops RedHat 7.1 kernel-2.4.5 xfx-1.0.1, Bernhard R. Erdmann|
|Previous by Thread:||Kernel patches, Charles R. Tersteeg|
|Next by Thread:||Re: Default ACL execute permission inheritance, Timothy Shimmin|
|Indexes:||[Date] [Thread] [Top] [All Lists]|