From owner-freebsd-stable@FreeBSD.ORG Fri Feb 8 16:54:18 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 85B102A4; Fri, 8 Feb 2013 16:54:18 +0000 (UTC) (envelope-from h.schmalzbauer@omnilan.de) Received: from host.omnilan.net (s1.omnilan.net [62.245.232.135]) by mx1.freebsd.org (Postfix) with ESMTP id 1F58E11C; Fri, 8 Feb 2013 16:54:17 +0000 (UTC) Received: from titan.inop.wdn.omnilan.net (titan.inop.wdn.omnilan.net [172.21.3.1]) (authenticated bits=0) by host.omnilan.net (8.13.8/8.13.8) with ESMTP id r18GxNG5094435 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 8 Feb 2013 17:59:23 +0100 (CET) (envelope-from h.schmalzbauer@omnilan.de) Message-ID: <51152DB8.4060703@omnilan.de> Date: Fri, 08 Feb 2013 17:54:16 +0100 From: Harald Schmalzbauer Organization: OmniLAN User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; de-DE; rv:1.9.2.8) Gecko/20100906 Lightning/1.0b2 Thunderbird/3.1.2 MIME-Version: 1.0 To: freebsd-stable@freebsd.org, freebsd-questions@freebsd.org Subject: multiple ACEs with the same ACL qualifier X-Enigmail-Version: 1.1.2 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig196DCE617D00358E8030002E" X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Feb 2013 16:54:18 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig196DCE617D00358E8030002E Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: quoted-printable Hello, I'd like to duplicate the following ACL: # file: /data/shared/ # owner: harry # group: harry group:1stgroup:r-x---a-R-c--s:fd----:allow group:2ndgroup:rwxp--a-R-c--s:-d----:allow group:2ndgroup:----D---------:-d----:deny group:2ndgroup:r-----a-R-c--s:f-i---:allow owner@:rwxpDdaARWcCos:fd----:allow group@:r-xp--a-R-c--s:fd----:allow everyone@:--------------:fd----:allow So there are two "group:2ndgroup:::allow" entries. While it's annoying that I can't modify one specific of these with "-m" (both get altered without warning/confirmation reques), I also can't use "-M" to apply it read from file. Are there any workarrounds? Intention is to make sure newly created files can only be deleted/altered by owner, while two other groups need to access files and directories read-only, but one of them also needs write access. But must'nt delete foreign files/directories. Never had so many problems applying real-world needs... Done such setup hundred times without effort, but on other FS... Thanks, -Harry --------------enig196DCE617D00358E8030002E Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iEYEARECAAYFAlEVLbgACgkQLDqVQ9VXb8hvCACfQyczYTUj2t3lnamlHrgwMhIq nb0An3B9OsOW6mr1gDdJ9q7hSsIKKdKH =lBoY -----END PGP SIGNATURE----- --------------enig196DCE617D00358E8030002E--