Mail Archives: cygwin/2001/06/21/20:50:00

Message-ID: <3B329608.7010709@ece.gatech.edu>
Date: Thu, 21 Jun 2001 20:49:12 -0400
From: "Charles S. Wilson" <cwilson AT ece DOT gatech DOT edu>
To: Corinna Vinschen <cygwin AT cygwin DOT com>
Subject: Re: ssh private key permissions
References: <3B311D93 DOT 20902 AT ece DOT gatech DOT edu> <20010622002754 DOT D1830 AT cobold DOT toronto DOT redhat DOT com>


Corinna Vinschen wrote:

> On Wed, Jun 20, 2001 at 06:02:59PM -0400, Charles S. Wilson wrote:
> 
>>How do you use setfacl to set the correct permission properties on the 
>>hostkey files (regardless of whatever ACLs were previously applied)?
>>
> 
> The setfacl and getfacl commands as well as the corresponding API
> are implemented according to the SUN Solaris documentation. Since
> I don't know if SUN wants me to take their man pages, I just
> pointed to the man pages on http://docs.sun.com when I implemented
> that stuff. This is still valid.
> 
> So you can find the man pages on http://docs.sun.com. Just search
> for `setfacl'. 


Hmm... given the following file:
$ getfacl foo

# file: foo
# owner: 500
# group: 544
user::rw-
user:1002:r-x
group::rw-
group:545:r-x
group:1000:r-x
mask::rw-
other::rw-


I tried the following command (as Administrator=500, who's in group 545 
and 500.545 owns the file)
$ setfacl -s user::rw-,group::---,other::---,mask::--- foo
setfacl: missing entries.

$ setfacl -d group:1000 foo
<succeeded>
$ setfacl -d group:545 foo
<succeeded>
$ setfacl -d user:1002 foo
<succeeded>
$ getfacl foo
# file: foo
# owner: 500
# group: 544
user::rw-
group::rw-
mask::rw-
other::rw-

Okay, after removing the extra stuff by hand, try again:
$ setfacl -s user::rw-,group::---,other::---,mask::--- foo

setfacl: missing entries.


Aarrgh.  Okay, try it piecemeal:
$ setfacl -m user::rwx
<no error reported>
$ setfacl -m group::---
<no error reported>
$ setfacl -m other::---
setfacl: illegal acl entries
$ setfacl -m mask::---
setfacl: illegal acl entries
$ getfacl foo
~ > getfacl foo
# file: foo
# owner: 500
# group: 544
user::rw-
group::rw-
mask::rw-
other::rwx

!!!! the user:: perms were applied to other::, and the group perms 
didn't take effect. (And, of course, the other:: and mask:: perms 
commands failed)

What gives?  I do NOT understand ACLs.

--Chuck

