 | | | Goofy ACLS (or goofy me?) | Goofy ACLS (or goofy me?) 2004-01-21 - By D Canfield
Back
We 're fighting a number of issues with ACL 's that seem odd, expecially
withing groups. For example, one person in a group can read a file,
another can write, another can 't even see it, etc.
When I do a getfacl on most of these files, I get the following:
[www]$ getfacl handbook1.htm
# file: handbook1.htm
# owner: root
# group: webgroup
user::rw-
group::rw-
group:webdev:rwx
mask::rwx
other::r--
But an ls gives this:
[www]$ ls -al handbook1.htm
-rw-rwxr--+ 1 root webgroup 32173 Oct 27 15:35 handbook1.htm
Am I misunderstanding something, or is this not telling me that getfacl
and ls are reading different things about the group permissions? Every
file in this directory is that way.
When I moved our servers, I backed up and restored the ACL 's for the
whole server (using getfacl/setfacl 's built-in method), and this week,
someone accidentally issued a setfact -b .* which recursed upward and
through most of the directories, removing acl 's on a bunch of files. Is
there any way either of these actions could have confused things?
Assuming I 'm not misreading something, is there a way to debug and find
out what 's going on here? I *could* just reset the permissions on
everything, but I 'd like to know why it happened.
Thanks
DC
--
Taroon-list mailing list
Taroon-list@(protected)
http://www.redhat.com/mailman/listinfo/taroon-list
|
|
|