From owner-freebsd-fs@FreeBSD.ORG Thu Feb 21 08:21:57 2008 Return-Path: Delivered-To: freebsd-fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3D73916A400 for ; Thu, 21 Feb 2008 08:21:57 +0000 (UTC) (envelope-from antik@bsd.ee) Received: from zzz.ee (kalah.zzz.ee [194.204.30.253]) by mx1.freebsd.org (Postfix) with ESMTP id 0818113C469 for ; Thu, 21 Feb 2008 08:21:55 +0000 (UTC) (envelope-from antik@bsd.ee) Received: by zzz.ee (Postfix, from userid 3019) id 6A950828B74; Thu, 21 Feb 2008 10:22:38 +0200 (EET) X-Spam-Checker-Version: SpamAssassin on spamassassin.zzz.ee X-Spam-Level: X-Spam-Guessed-Language: en X-Spam-Status: No, score=-4.0 required=5.0 tests=ALL_TRUSTED,BAYES_50 X-Spam-Checker-URL: http://info.zzz.ee Received: from andrei.demo (adsl215.uninet.ee [194.204.62.215]) by zzz.ee (Postfix) with ESMTP id D79238288CA for ; Thu, 21 Feb 2008 10:22:29 +0200 (EET) From: Andrei Kolu To: freebsd-fs@freebsd.org Date: Thu, 21 Feb 2008 10:21:40 +0200 User-Agent: KMail/1.9.7 References: <200802210957.13651.antik@bsd.ee> <20080221081511.GA12457@harmless.hu> In-Reply-To: <20080221081511.GA12457@harmless.hu> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200802211021.41060.antik@bsd.ee> Subject: Re: FreeBSD 6.3 ACL problem X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Feb 2008 08:21:57 -0000 On Thursday 21 February 2008 10:15:11 Gergely CZUCZY wrote: > run ``id antik'' please. I've got a feeling that your antik user is > part of the "wheel" group, which is not allowed to chdir into that > directory. > sambatest# id antik uid=1001(antik) gid=1001(antik) groups=1001(antik),0(wheel) I should remove this user from wheel group or add particular permission? So wheel does not fit onto "other" definition in ACL? > On Thu, Feb 21, 2008 at 09:57:13AM +0200, Andrei Kolu wrote: > > Hi, I have this strange problem with ACL- I can go to one particular > > directory with two different users but can't access it with third. NOTE: > > there is no common group set up like samba- all users access this > > directory according to ACL rules (other::r-x). Looks like different shell > > does not matter (csh or sh). Only difference whas that I created user > > "antik" before I enabled ACL support for /usr filesystem. Should I report > > this like bug? > > > > Commands listing: > > --------------------------------------------------------------------- > > sambatest# pwd > > /root > > sambatest# cd /home/ > > sambatest# ll > > total 10 > > drwxr-xr-x 2 antik antik 512 Feb 20 16:23 antik > > drwxrwxr-x+ 3 samba samba 512 Feb 20 15:53 samba > > drwxr-xr-x 2 test1 test1 512 Feb 21 09:29 test1 > > drwxr-xr-x 2 test2 test2 512 Feb 20 16:40 test2 > > sambatest# getfacl samba/ > > #file:samba/ > > #owner:1003 > > #group:1003 > > user::rwx > > user:nobody:rw- > > group::r-x > > group:wheel:rw- > > mask::rwx > > other::r-x > > sambatest# su - antik > > %cd /home/ > > %ll > > total 10 > > drwxr-xr-x 2 antik antik 512 Feb 20 16:23 antik > > drwxrwxr-x+ 3 samba samba 512 Feb 20 15:53 samba > > drwxr-xr-x 2 test1 test1 512 Feb 21 09:29 test1 > > drwxr-xr-x 2 test2 test2 512 Feb 20 16:40 test2 > > %cd samba/ > > samba/: Permission denied. > > %logout > > sambatest# su - test2 > > $ cd /home > > $ ll > > total 14 > > drwxr-xr-x 6 root wheel - 512 Feb 20 16:40 ./ > > drwxr-xr-x 17 root wheel - 512 Feb 20 14:01 ../ > > drwxr-xr-x 2 antik antik - 512 Feb 20 16:23 antik/ > > drwxrwxr-x+ 3 samba samba - 512 Feb 20 15:53 samba/ > > drwxr-xr-x 2 test1 test1 - 512 Feb 21 09:29 test1/ > > drwxr-xr-x 2 test2 test2 - 512 Feb 20 16:40 test2/ > > $ cd samba > > $ pwd > > /home/samba > > --------------------------------------------------------------------- > > _______________________________________________ > > freebsd-fs@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-fs > > To unsubscribe, send any mail to "freebsd-fs-unsubscribe@freebsd.org" > > Sincerely, > > Gergely Czuczy, > Harmless Digital > mailto: gergely.czuczy@harmless.hu