Date: Mon, 17 Oct 2005 09:25:43 +0200 From: Heinrich Rebehn <rebehn@ant.uni-bremen.de> To: Robert Watson <rwatson@FreeBSD.org> Cc: freebsd-fs@freebsd.org Subject: Re: Problem with default ACLs and mask Message-ID: <435351F7.10101@ant.uni-bremen.de> In-Reply-To: <20051014203021.L66014@fledge.watson.org> References: <434F4FF8.9050903@ant.uni-bremen.de> <20051014064145.GA40856@admin.sibptus.tomsk.ru> <434F9DAE.6070607@ant.uni-bremen.de> <20051014134820.GA43849@admin.sibptus.tomsk.ru> <20051014203021.L66014@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Robert Watson wrote: > > On Fri, 14 Oct 2005, Victor Sudakov wrote: > >> Heinrich Rebehn wrote: >> >>> >>> As you can see, it works for the dirs created by hand, but not for >>> the dir created by tar. >> >> >> I think tar does a chmod on extracted files because it stores and >> extracts permission information. I really see no way of working around >> this. >> >> However, I think those people who designed POSIX ACLs might have had a >> solution for this problem, it is too common. > > > Our tar speaks ACLs, but I'm not sure what model it uses to decide what > to do with the default ACL of the directory where the tar is extracted. > It could well be that tar specifically restores ACLs, overriding the > default ACL where the files are untar'd. > > Robert N M Watson It happens even when the tar is extracted on a Linux system via NFS, so i do not think that tar restores ACL's here. However it does restore file permissions looking into the archive shows: -bash-2.05b$ tar tzvf \ /export/linux/root/debian/usr/local/src/TARS/STonX-0.6.5.tar.gz |more drwx--x--x 0 root root 0 Feb 9 1996 STonX-0.6.5/ ... So there is in fact no write permission for group. Doing this by hand: -bash-2.05b$ umask 0 -bash-2.05b$ mkdir D3 -bash-2.05b$ ls -lod D3 drwxrwx---+ 2 a1 ntlab - 512 Oct 17 09:22 D3 -bash-2.05b$ getfacl D3 #file:D3 #owner:624 #group:1022 user::rwx group::--- group:wiss:rwx mask::rwx other::--- -bash-2.05b$ chmod g-w D3 -bash-2.05b$ ls -lod D3 drwxr-x---+ 2 a1 ntlab - 512 Oct 17 09:22 D3 -bash-2.05b$ getfacl D3 #file:D3 #owner:624 #group:1022 user::rwx group::--- group:wiss:rwx # effective: r-x mask::r-x other::--- Why is the write bit of the mask reset when removing write perms for group? Is this really intended? This does not make sense to me, because both permissions pertain to different groups. --Heinrich
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?435351F7.10101>