Date: Thu, 21 Feb 2008 09:24:05 +0100 From: Gergely CZUCZY <phoemix@harmless.hu> To: Andrei Kolu <antik@bsd.ee> Cc: freebsd-fs@freebsd.org Subject: Re: FreeBSD 6.3 ACL problem Message-ID: <20080221082405.GA13505@harmless.hu> In-Reply-To: <200802211021.41060.antik@bsd.ee> References: <200802210957.13651.antik@bsd.ee> <20080221081511.GA12457@harmless.hu> <200802211021.41060.antik@bsd.ee>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Thu, Feb 21, 2008 at 10:21:40AM +0200, Andrei Kolu wrote: > On Thursday 21 February 2008 10:15:11 Gergely CZUCZY wrote: > > run ``id antik'' please. I've got a feeling that your antik user is > > part of the "wheel" group, which is not allowed to chdir into that > > directory. > > > sambatest# id antik > uid=1001(antik) gid=1001(antik) groups=1001(antik),0(wheel) > > I should remove this user from wheel group or add particular permission? So > wheel does not fit onto "other" definition in ACL? It perfectly fits into that. Just that, the definition for wheel comes first, since that's more specific. More specific first, general ones later, if i remember correctly. I suggest fixiing the ACLs, that seems to be a solution. OTOH, removing him from wheel seems to be a workaround. > > > On Thu, Feb 21, 2008 at 09:57:13AM +0200, Andrei Kolu wrote: > > > Hi, I have this strange problem with ACL- I can go to one particular > > > directory with two different users but can't access it with third. NOTE: > > > there is no common group set up like samba- all users access this > > > directory according to ACL rules (other::r-x). Looks like different shell > > > does not matter (csh or sh). Only difference whas that I created user > > > "antik" before I enabled ACL support for /usr filesystem. Should I report > > > this like bug? > > > > > > Commands listing: > > > --------------------------------------------------------------------- > > > sambatest# pwd > > > /root > > > sambatest# cd /home/ > > > sambatest# ll > > > total 10 > > > drwxr-xr-x 2 antik antik 512 Feb 20 16:23 antik > > > drwxrwxr-x+ 3 samba samba 512 Feb 20 15:53 samba > > > drwxr-xr-x 2 test1 test1 512 Feb 21 09:29 test1 > > > drwxr-xr-x 2 test2 test2 512 Feb 20 16:40 test2 > > > sambatest# getfacl samba/ > > > #file:samba/ > > > #owner:1003 > > > #group:1003 > > > user::rwx > > > user:nobody:rw- > > > group::r-x > > > group:wheel:rw- > > > mask::rwx > > > other::r-x > > > sambatest# su - antik > > > %cd /home/ > > > %ll > > > total 10 > > > drwxr-xr-x 2 antik antik 512 Feb 20 16:23 antik > > > drwxrwxr-x+ 3 samba samba 512 Feb 20 15:53 samba > > > drwxr-xr-x 2 test1 test1 512 Feb 21 09:29 test1 > > > drwxr-xr-x 2 test2 test2 512 Feb 20 16:40 test2 > > > %cd samba/ > > > samba/: Permission denied. > > > %logout > > > sambatest# su - test2 > > > $ cd /home > > > $ ll > > > total 14 > > > drwxr-xr-x 6 root wheel - 512 Feb 20 16:40 ./ > > > drwxr-xr-x 17 root wheel - 512 Feb 20 14:01 ../ > > > drwxr-xr-x 2 antik antik - 512 Feb 20 16:23 antik/ > > > drwxrwxr-x+ 3 samba samba - 512 Feb 20 15:53 samba/ > > > drwxr-xr-x 2 test1 test1 - 512 Feb 21 09:29 test1/ > > > drwxr-xr-x 2 test2 test2 - 512 Feb 20 16:40 test2/ > > > $ cd samba > > > $ pwd > > > /home/samba > > > --------------------------------------------------------------------- > > > _______________________________________________ > > > freebsd-fs@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-fs > > > To unsubscribe, send any mail to "freebsd-fs-unsubscribe@freebsd.org" > > > > Sincerely, > > > > Gergely Czuczy, > > Harmless Digital > > mailto: gergely.czuczy@harmless.hu > > > _______________________________________________ > freebsd-fs@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-fs > To unsubscribe, send any mail to "freebsd-fs-unsubscribe@freebsd.org" Sincerely, Gergely Czuczy, Harmless Digital mailto: gergely.czuczy@harmless.hu -- Legacy software is software that works. [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) owHlV0+P20QUX1pxsQRtjxxAT2mr3Wpjx0423daQblfb0i60LNDlQDm0jj22R2t7 wsy42fQTcOgBcUECgbhyQAKJaxGfgAsIiRPiA/AdeDNjJ84mW1rUG/tHdt6835v3 fu/PTD596eTKiTO/fP/jR+uPPvvyhe9e/mG4npdSFomdB/wBLWzPdT3b6/Xdvr2B T3I52nDjzSi8FPc2oxuP++d2WCFJIe39yYj4IMmh7IyygBavQ5gGXBA5KGVsX7Jq vWtUjJigkrLCB1pktCDTtX0eFCIm3L5ehCyiReLDxyWTJLJHnBYyGGbEsvYK2E/L NrxJhtD12tB13UsQSPBcv+v5G+72bVh3UdiG7SLihMLbLCthzNGOb10BA+ciCiYI V1Z4GfCJMYM2vL7veXCD8IRkE9i5+8HO3Q9n6CvAywLu36cRBIWkB6urMMpIIIgD u6sPCCRMQgAxIRhXAjJFvyas5EYZSkE4UKHtjAIugcWoQ6A1ThHRgoSzctSGcUrD FPWgUNayjI1JBJIhoRFFfIGvyrI2gxISSsYnjvqI/yLIh4EkQp6F2kmUljQa9K6p ZK5p0QVIFiVqdzEvbLtr2rcL1pVB10VDuyBSVmYRcJIzDFim6KeOK+YsB61sLAHD sKNIB0rDMgs4jAjPqRCY+i0YWHeYMWkwESMm4JgiLyrGFkNueAsiEtNCFwzGDts7 t7YUblcqczEGj2lCjJgR48BbpZD6ta35bViI0SuzYchy3DGmXAws1BO0CImlMKsC csYJiBEJaUxDB243P2oIAhJSEB5k6CuayZBy3gYaA1XMkHxIBhbHPTjXHjqWhcyV SYKJQQOH1JQHUeGItikUQUguVJ6HBGtIYNUqjx3Y29+72TZ8K1RK84Gl2bZMIPO4 MeMHAfJfRLhnlbS66hebxr3s9zd9r/cvTaN+b9I2Zj8N6qQLid2aEBhxhn2Jqacy VeHYqBUGBbaC8gnZaVRAZWpatAYkxwxFMTY+DgFdTAKGpVRWVrEBwpAIzK6slFPK Iwfe2RtY+9dr31ShENMxKq85JtrUIM4fwEdGD4jpDFs1VLVHZVlFs+AYrjEe6Swx FRX2fYZ5XtM16fvcPrzgwC3GDoQxPvMfyyklWVZbrMs6DySWCKyFIlWdIVLE7xVY uzUyJFiYgTC1gBRygjUVaVcrWy3dky3Mc6wKchdIoUZipP0T5WjEcKSoAu+UAvuR osMTIUnuwB3Ts7tYRQNLqU15o5X/wzLZMsJqaQdpDIpILQupRnElt5/HT2WrMatG 46gSdjhjclEhjKCTYst2FpemZEsmsSE9t+aejw8xUfgH0K1GcP3oe13TDC54F/1u bzopp0CNXYee2QnqRxPY9/vV8tIdlXce1I8p0FNd171s5McCu1A/5l3dcI18kYaE yDgIMyOqaTqrysCfF7ExTi4fp3yvluhmaUpU1WGVjw+bnws2ZNEEpXX+DEw1w5xA j6WGWh6Ig6axWQ8tBiFKsOdycf5o4s//n9Ot2JhLpvngw7vToxVPu4KSyJnSxRJW LmkozXTT9rlpj00FR6neWOI/XATVsfhijiO0uhCC01kC9DafCNzwXQ+cpciF9B7d sk5wZ0mGF1JsH5PkY3aeT7N9TKKfAJ6leglTeqXTzEiz4M4156Ruiubq8xzN957t p0LFnJChiOxYXK1eHcYTHABU34fVUVJpplKO/E5HSYTT0O0oXTx4OubYiVlnZrOC 7jMoC1EORcjpkODNjRTqojvR26jjujWD2A3Npkstqz7p7qh7H8e7fnsqml7+H5bh QyOHmwHPM3VbuEYTir1gmcFGM8l8nLwa4IQacDWtdJ20rG5g5hr27Jw+HZ//kcvn w6PVINA6ytwCa0/BmGXbiq5bJAnCCV6DYzkOzOVu+q6vSOqiKxzrk62TL66oL6L1 t9gzJ048Wvm691t2+Ld76vHPr77/2g3/lXt/xMP+yleny5b3+Ren17/51v7rvd// PLX96xs//QM= =XAEw -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080221082405.GA13505>