Date: Wed, 5 Sep 2012 23:13:44 +0000 From: Doug Sampson <dougs@dawnsign.com> To: 'Edward Tomasz Napierala' <trasz@freebsd.org> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: RE: NFSv4 ACL permissions setting Message-ID: <E6B2517F8D6DBF4CABB8F38ACA367E780CF4CFD1@Draco.dawnsign.com> In-Reply-To: <60FD2657-0D3C-4E6C-ABD0-652DA424D9A2@freebsd.org> References: <E6B2517F8D6DBF4CABB8F38ACA367E780CF4582E@Draco.dawnsign.com> <60FD2657-0D3C-4E6C-ABD0-652DA424D9A2@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> Wiadomo=B6=E6 napisana przez Doug Sampson w dniu 31 sie 2012, o godz. 01:= 42: >=20 > [..] >=20 > > group:DSP-production:rwxpDdaARWcCos:fd----:allow <<<<<---= - > - > > group:DSP-production:rwxpDdaARWcCos:fd----:allow <<<<<---= - > - >=20 > This itself looks like a bug in setfacl(1). I'll look into it. > However... >=20 > [..] >=20 > > #!/bin/sh > > # run this script where you wish to effect the changes > > # reset perms to default > > find . -type d -print0 | xargs -0 setfacl -b * >=20 > Why the asterisk? Also, using "-m" with NFSv4 ACLs is not a very good > idea - it's supposed to work, but with NFSv4 ACLs the ordering does > matter, > and "-m" simply modifies the ACL entry in place, while the effect of the > entry might depend e.g. on "deny" entries before it. Use "-a" instead. >=20 Forgive me- I am not particularly strong when it comes to shell scripting. = I will modify so that the -a parameter is used instead of -m when setting n= ew entries. What would you use in place of the asterisk when you want to apply the "set= facl -b" command to either all files or all directories? The period? ~Doug
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E6B2517F8D6DBF4CABB8F38ACA367E780CF4CFD1>