Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 8 Nov 2002 09:57:43 -0500 (EST)
From:      Robert Watson <rwatson@freebsd.org>
To:        Dan Pelleg <daniel+bsd@pelleg.org>
Cc:        current@freebsd.org, questions@freebsd.org
Subject:   Re: setfacl requirements?
Message-ID:  <Pine.NEB.3.96L.1021108095400.16641E-100000@fledge.watson.org>
In-Reply-To: <15819.52313.101458.727704@gargle.gargle.HOWL>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Fri, 8 Nov 2002, Dan Pelleg wrote:

> I'm trying to use setfacl - just the example that's in the manpage. All
> I ever get is:  setfacl: acl_get_file() failed: Operation not supported

This error generally results from three cases:

(1) UFS_ACL isn't enabled
(2) Extended attributes aren't available on the file system (shouldn't
    happen for UFS2, but might happen for UFS1 if you don't have
    UFS_EXTATTR and appropriate configuration of EAs) 
(3) The file system isn't mounted with the ACL option: either -o acls (or
    acls in the fstab file), or more reliably, setting the "tunefs -a
    enable" flag in the file system configuration.

>  getfacl seems to work fwiw.

For better or for worse, POSIX.1e defines that getfacl() will print the
current file permissions as an ACL if ACLs aren't available on the file
system.  As such, you're probably just seeing the results of stat()
printed in an ACL form.

> Same results on UFS and UFS2 filesystems. I have UFS_ACL, also tried
> UFS_EXTATTR. -current as of about a week ago. 

With UFS2, it should be sufficient to run the following command on the
unmounted device:

	tunefs -a enable /dev/storagedevicehere

and then mount the file system, which will result in ACLs being
automatically enabled.  As mentioned above, it is possible to set the flag
using the mount -o options invocation, or via an fstab entry, but that's a
lot less reliable if some sort of failure occurs, and also doesn't work
well for the root file system.  tunefs is the most reliable way to enable
ACLs.

Let us know if that doesn't work.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Network Associates Laboratories


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1021108095400.16641E-100000>