setting inheritance using setfacl

opethdisciple · 1 Jun 2011 at 17:14

Im a bit of a linux amateur, but where I work all the servers etc use unix.

I have been setting acl's on folders using the setfacl method.

However due to the individual user whom Im giving rwx access to the folder/files, not beng in the same group the rest of the users are in, when I set acl on the top folder, when a user who is part of the group my user is not, they are not able to access the file, untill I give them explicit access too it.

How can I set it so that when I set a setfacl recursivly on the files within a folder, the permissions get inherited when a new object within this folder is created by7 a user in agroup my user is not?

I hope you understood my ramblings.....

thanks :confused:

inSilica · 1 Jun 2011 at 21:15

Not sure I follow, but here it goes :-)

.

setfacl -Rm u:insilica:rwX,d:u:insilica:rwX folder

setfacl
-R Recursively
-m Add one or more new ACL entries to the file or modify one or more existing ACL entries on the file.
u:insilica:rwX
"username:insilica:read-write-execute"
d:u:insilica:rwX folder
"defaultACL:username:insilica:read-write-execute"
I think your missing d? or your missing explicit user permissions?...., difficult for me to guess what command your firing

-d
All operations apply to the Default ACL which only affects the default ACL of directories and doesn't touch the files.

so to recap, explicit user permission aswel as default permissions are required to a) maintain user permissions, b) ensure newly created files by user inherit default permissions for directory

opethdisciple · 2 Jun 2011 at 00:37

Thanks for that, when I get to work tomorrow I will try to be a little bit more clear.

opethdisciple · 7 Jun 2011 at 12:57

You Beauty, I think it worked!

Im basically trying to set permissions on a folder so that the the permissions are inherited, by the user, even tho they are not part of a group of users creating the files/folders.

But thanks, the command went through with out complaining so I assume it is succesfull.

:eek:

opethdisciple · 8 Jun 2011 at 13:43

Ok it worked yesterday on a folder with no spaces in the file name.

however today Im trying to do the same thing, but the folder has spaces in it, and it has me :confused:

I am trying to do the same thing but on a folder with spaces in the file name.

Here is a screen grab.

inSilica · 8 Jun 2011 at 15:51

escaping with "\" doesn't work, not sure about this:

have you tried:

setfacl -Rm u:insilica:rwX,d:u:insilica:rwX "folder with space"

or

setfacl -Rm u:insilica:rwX,d:u:insilica:rwX "folder\ with\ space"

and quite possibly:

if you follow scp command style, escape but put command in string literal ...

setfacl "-Rm u:insilica:rwX,d:u:insilica:rwX folder\ with\ space"