Sébastien Le Ray
2015-May-13 15:32 UTC
[Samba] Posix vs. Windows File/Directory Permissions
Le 13/05/2015 17:29, Rowland Penny a ?crit :> > If you set the acls on a Unix directory with 'chmod' and then set an > ACL with 'setfacl', you will not change the Unix acls, that is, if the > acls are set to '775' and you then set the ACL for a user with > 'setfacl', the Unix acl will still read '775' or 'rwxrwxr-x' , what > will change is a '+' sign will appear at the end of the acl.you don't set unix acl with chmod, you set unix file perms. To set unix ACLs you use setfacl? Regards
On 13/05/15 16:32, S?bastien Le Ray wrote:> > Le 13/05/2015 17:29, Rowland Penny a ?crit : >> >> If you set the acls on a Unix directory with 'chmod' and then set an >> ACL with 'setfacl', you will not change the Unix acls, that is, if >> the acls are set to '775' and you then set the ACL for a user with >> 'setfacl', the Unix acl will still read '775' or 'rwxrwxr-x' , what >> will change is a '+' sign will appear at the end of the acl. > > you don't set unix acl with chmod, you set unix file perms. To set > unix ACLs you use setfacl? > > Regardsa = access c = control l = list access control list OR permissions lower case for UNIX, UPPER CASE for Windows same thing really, just a different way of putting it But no matter how you put it, using 'setfacl' will not alter the output of 'ls -la' apart from adding a '+' sign. Rowland
Sébastien Le Ray
2015-May-13 15:49 UTC
[Samba] Posix vs. Windows File/Directory Permissions
Le 13/05/2015 17:41, Rowland Penny a ?crit :> a = access > c = control > l = list > > access control list OR permissions > > lower case for UNIX, > UPPER CASE for WindowsOK? I guess I should stop here. But please don't forget to send a patch to Andreas Gruenbacher, the setfacl man page author since he states ? This utility sets Access Control Lists (ACLs) of files and directories. ? so the world can stop using the wrong terminology and start using yours. btw getfact will also return the same info as ls -l if you use it on a file without any ACL. So yes, Windows ACL are translated to Linux ACL, that's why you need acl mount option when using a filesystem that does not use them by default and that's why, as Andrey Repin states, you cannot access a file as a windows user if its UID isn't allowed to access the file using Unix rights and that's why you will turn crazy looking out why a user is wiped out Windows ACL if he doesn't have a unix uid value and you use RFC2307. Regards