From owner-freebsd-questions@FreeBSD.ORG Wed Apr 18 13:25:54 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 45A1F16A416; Wed, 18 Apr 2007 13:25:54 +0000 (UTC) (envelope-from amistry@am-productions.biz) Received: from mail.united-ware.com (am-productions.biz [69.61.164.22]) by mx1.freebsd.org (Postfix) with ESMTP id A17E013C455; Wed, 18 Apr 2007 13:25:52 +0000 (UTC) (envelope-from amistry@am-productions.biz) Received: from [192.168.1.100] (cpe-71-72-80-132.columbus.res.rr.com [71.72.80.132]) (authenticated bits=0) by mail.united-ware.com (8.13.8/8.13.8) with ESMTP id l3IDp31Z092291 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 18 Apr 2007 09:51:13 -0400 (EDT) (envelope-from amistry@am-productions.biz) From: Anish Mistry Organization: AM Productions To: "Marc G. Fournier" Date: Wed, 18 Apr 2007 09:28:24 -0400 User-Agent: KMail/1.9.6 References: <1ACB3D2C20999637C4A5FB61@ganymede.hub.org> In-Reply-To: <1ACB3D2C20999637C4A5FB61@ganymede.hub.org> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart3438234.2ArhhXzn74"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200704180928.32391.amistry@am-productions.biz> X-Spam-Status: No, score=-1.5 required=5.0 tests=BAYES_50,J_CHICKENPOX_29, J_CHICKENPOX_64,MYFREEBSD2,MYFREEBSD3,RCVD_IN_NJABL_DUL,SPF_SOFTFAIL autolearn=failed version=3.1.3 X-Spam-Checker-Version: SpamAssassin 3.1.3 (2006-06-01) on mail.united-ware.com X-Virus-Scanned: ClamAV 0.88.7/3118/Wed Apr 18 06:42:54 2007 on mail.united-ware.com X-Virus-Status: Clean Cc: freebsd-questions@freebsd.org Subject: Re: ACLs in a jail ... not usable? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Apr 2007 13:25:54 -0000 --nextPart3438234.2ArhhXzn74 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Wednesday 18 April 2007, Marc G. Fournier wrote: > --On Tuesday, April 17, 2007 22:38:45 -0400 Anish Mistry > > wrote: > > On Tuesday 17 April 2007, Marc G. Fournier wrote: > >> Just want to make sure there isn't something I'm missing, but it > >> apears ACLs aren't settable from within a jail? > >> > >> # setfacl -m g:mail:rwx Login.1 > >> setfacl: acl_get_file() failed: Operation not supported > > > > ACLs work fine in jails. Are you sure you enabled ACLs on the > > filesystem? > > Great, knew it couldn't be *that* easy :( > > At what point do I have to enable them? I figured 'if getfacl > worked, setfacl would too': > > # getfacl cvsupd.core > #file:cvsupd.core > #owner:0 > #group:0 > user::rw- > group::--- > other::--- > > Apparently not ... ? > > A quick look at tunefs, I see the -a option ... I take it -a enable > is all I have to do to the file system to enable ACLs? Yes, or you could also add the acls options to your fstab. eg. /dev/mirror/gm0s1h /usr/jail/hosting ufs =20 rw,userquota,groupquota,acls 2 2 > > Thanks ... > > > > ---- > Marc G. Fournier Hub.Org Networking Services > (http://www.hub.org) Email . scrappy@hub.org =20 > MSN . scrappy@hub.org Yahoo . yscrappy Skype: > hub.org ICQ . 7615664 =2D-=20 Anish Mistry amistry@am-productions.biz AM Productions http://am-productions.biz/ --nextPart3438234.2ArhhXzn74 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.3 (FreeBSD) iD8DBQBGJh0AxqA5ziudZT0RArQLAJ41ypakmvFyis8mvNa2oQX86mQZqACdFzcb BK2j0rF9UKtsBegJKiX9ozI= =iPvk -----END PGP SIGNATURE----- --nextPart3438234.2ArhhXzn74--