Message-ID: <434F4FF8.9050903@ant.uni-bremen.de>
Date: Fri, 14 Oct 2005 08:28:08 +0200
From: Heinrich Rebehn
To: freebsd-fs@freebsd.org
Subject: Problem with default ACLs and mask

Hi list,

since I got no reply on the questions@ ML I try my luck here:

I want to use ACLs to enable the group "wiss" to delete all files that a lab user has created in his home directory "/export/homes/lab/a1".
I set up ACLs as follows:

root@antsrv1 [/export/homes/lab] # getfacl a1
#file:a1
#owner:624
#group:1022
user::rwx
group::---
group:wiss:rwx
mask::rwx
other::---

root@antsrv1 [/export/homes/lab] # getfacl -d a1
#file:a1
#owner:624
#group:1022
user::rwx
group::---
group:wiss:rwx
mask::rwx
other::---

Now we create a directory in ~a1:

root@antsrv1 [/export/homes/lab] # cd a1
root@antsrv1 [/export/homes/lab/a1] # mkdir d
root@antsrv1 [/export/homes/lab/a1] # getfacl d
#file:d
#owner:0
#group:1022
user::rwx
group::---
group:wiss:rwx  # effective: r-x
mask::r-x
other::---

The mask has not been inherited from the upper level directory!

The next directory has been created by the user extracting a tar ball:

root@antsrv1 [/export/homes/lab/a1] # getfacl STonX-0.6.5/
#file:STonX-0.6.5/
#owner:624
#group:1022
user::rwx
group::---
group:wiss:rwx  # effective: --x
mask::--x
other::---

In this case, the "wiss" group cannot even read the directory.

So, my idea to enable the wiss group to manage the lab user's files does not seem to work. Am I doing something wrong here? Why is the mask not propagated?

Any hint would be greatly appreciated.

I am using 5.4-RELEASE-p7, the filesystem is UFS2.

Update: I saw a post suggesting using different umasks, but that did not work either (besides being a bit of a clumsy solution).

-- 
Heinrich Rebehn

University of Bremen
Physics / Electrical and Electronics Engineering
- Department of Telecommunications -

Phone : +49/421/218-4664
Fax   : -3341
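Added example, not part of the original message: a small Python check that recomputes, from getfacl text, which entries lose rights to the mask (under POSIX.1e the mask limits named users, named groups and the owning group). The function names are hypothetical and SAMPLE is constructed from the two listings quoted in the message.

```python
# Constructed sample: the getfacl listings for "d" and "STonX-0.6.5/" quoted above.
SAMPLE = """\
#file:d
#owner:0
#group:1022
user::rwx
group::---
group:wiss:rwx\t# effective: r-x
mask::r-x
other::---

#file:STonX-0.6.5/
#owner:624
#group:1022
user::rwx
group::---
group:wiss:rwx\t# effective: --x
mask::--x
other::---
"""

def parse_getfacl(text):
    # Map each "#file:" name to its list of (tag, qualifier, perms) entries.
    acls, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#")[0].strip()   # drops header and "# effective:" comments
        if raw.startswith("#file:"):
            current = acls.setdefault(raw[len("#file:"):].strip(), [])
        elif line and current is not None:
            current.append(tuple(line.split(":")))
    return acls

def mask_limited(text):
    # Return (file, entry, granted, effective) wherever the mask removes rights.
    out = []
    for name, entries in parse_getfacl(text).items():
        # An ACL without a mask entry limits nothing.
        mask = next((p for t, _, p in entries if t == "mask"), "rwx")
        for tag, qual, perms in entries:
            if tag == "group" or (tag == "user" and qual):
                eff = "".join(c if c == m else "-" for c, m in zip(perms, mask))
                if eff != perms:
                    out.append((name, f"{tag}:{qual}", perms, eff))
    return out

if __name__ == "__main__":
    for row in mask_limited(SAMPLE):
        print(*row)
```

Feeding it the output of getfacl over a directory tree lists every entry, such as group:wiss here, whose granted rights are wider than what the mask lets through.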