From: Francis Dubé
Organization: Optik Sécurité
Reply-To: francis@optiksecurite.com
To: freebsd-questions@freebsd.org
Date: Tue, 31 Aug 2010 15:09:10 -0400
Message-id: <4C7D5356.9030101@optiksecurite.com>
Subject: ACLs inheritance problem

Hi list,

Here's my case. We have 3 web developers creating files and folders in our main "web" folder. We would like to set up ACLs allowing them to modify each other's files.
So this is what I'm doing:

# mkdir web
# setfacl -d -m u::rwx,g::rwx,o::rx,g:web:rwx web
# setfacl -m u::rwx,g::rwx,o::rx,g:test1:rwx web
# getfacl -d web
# file: web
# owner: root
# group: wheel
user::rwx
group::rwx
group:web:rwx
mask::rwx
other::r-x
# getfacl web
# file: web
# owner: root
# group: wheel
user::rwx
group::rwx
group:web:rwx
mask::rwx
other::r-x

Now, when I create a subfolder or a file in the "web" folder, I would expect them to have these ACLs.

# mkdir web/subfolder
# touch web/file
# getfacl web/file
# file: web/file
# owner: root
# group: wheel
user::rw-
group::rwx	# effective: r--
group:web:rwx	# effective: r--
mask::r--
other::r--
# getfacl web/subfolder
# file: web/subfolder
# owner: root
# group: wheel
user::rwx
group::rwx	# effective: r-x
group:web:rwx	# effective: r-x
mask::r-x
other::r-x

Where is that new mask coming from? Shouldn't it be the same as the default mask from its parent directory? I need the new files to be writable by the "web" group by default, am I missing something?

We are using FreeBSD 8.1 Released on AMD64. Any pointer would be appreciated, thanks a lot.

Francis Dubé
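
Added example, not part of the original message: a small Python model of how a POSIX.1e default ACL is combined with the creation mode of a new file or directory, which reproduces the two ACLs shown above. It assumes the creating shell has umask 022 and that the umask is applied to the requested mode (0666 for touch, 0777 for mkdir) before the ACL is computed; the function names are illustrative.

```python
# Added illustration: POSIX.1e-style ACL computation for a newly created object.
# Assumption (not stated in the post): the creating shell runs with umask 022.
RWX = (("r", 4), ("w", 2), ("x", 1))

# Default ACL of "web" as printed by `getfacl -d web` in the message.
DEFAULT_ACL = [("user", "", "rwx"), ("group", "", "rwx"),
               ("group", "web", "rwx"), ("mask", "", "rwx"), ("other", "", "r-x")]

def to_bits(text):
    return sum(bit for ch, bit in RWX if ch in text)

def to_text(bits):
    return "".join(ch if bits & bit else "-" for ch, bit in RWX)

def new_object_acl(default_acl, requested_mode, umask):
    """Access ACL for a new object: the default ACL entries are copied, then
    user::, mask:: and other:: are intersected with the owner, group and
    other bits of the creation mode (requested mode with umask removed)."""
    mode = requested_mode & ~umask
    limit = {"user": (mode >> 6) & 7, "mask": (mode >> 3) & 7, "other": mode & 7}
    acl = []
    for tag, qualifier, perms in default_acl:
        bits = to_bits(perms)
        if not qualifier and tag in limit:
            bits &= limit[tag]          # named entries and group:: are left alone
        acl.append((tag, qualifier, bits))
    return acl

def render(acl):
    """Format like getfacl, including the '# effective:' annotation."""
    mask = next(bits for tag, _, bits in acl if tag == "mask")
    lines = []
    for tag, qualifier, bits in acl:
        line = f"{tag}:{qualifier}:{to_text(bits)}"
        masked = tag == "group" or (tag == "user" and qualifier)
        if masked and (bits & mask) != bits:
            line += f"\t# effective: {to_text(bits & mask)}"
        lines.append(line)
    return lines

if __name__ == "__main__":
    for name, requested in (("web/file (touch, 0666)", 0o666),
                            ("web/subfolder (mkdir, 0777)", 0o777)):
        print(name)
        print("\n".join(render(new_object_acl(DEFAULT_ACL, requested, 0o022))))
```

In this model the mask of the new object is the group bits of the creation mode, so the r-- and r-x masks above correspond to modes 0644 and 0755.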