I have problem understanding FS ACLs.Can someone explain me why the following behaviour occur? Let's suppose that we have a /shared directory we want to give rwx access to admins group. setfacl -m d:g:admins:rwx shared [root at rh1 /]# getfacl shared # file: shared # owner: root # group: root user::rwx group::r-x other::--- default:user::rwx default:group::r-x default:group:admins:rwx default:mask::rwx default:other::--- [root at rh1 /]# su - jack [jack at rh1 ~]$ id uid=500(jack) gid=507(admins) groups=507(admins) context=root:system_r:unconfined_t:SystemLow-SystemHigh [jack at rh1 ~]$ cd /shared/ -bash: cd: /shared/: Permission denied -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20100820/9dbeece0/attachment-0002.html>
On 2010-08-20 08:34, Silviu Hutanu wrote:> I have problem understanding FS ACLs.Can someone explain me why the > following behaviour occur? > > setfacl -m d:g:admins:rwx shared >You have only defined the default ACL for the directory, which only affects newly created files and directories within it. You need to define the current ACL. Try the following: setfacl -m g:admins:rwx shared