1

I would like to set up a directory such that all new files are group writeable, regardless of the umask setting of the individual user.

I've created a stor group and added all users to it. Then, I created the folder:

$ mkdir uaroot
$ chgrp stor uaroot
$ ls -l
total 4
drwxr-xr-x  2 ua  stor  512 Dec 27 14:35 uaroot

I set the ACLs for it:

$ setfacl -d -m u::rwx,g::rwx,o::rx,mask::rwx uaroot
$ setfacl -m u::rwx,g::rwx,o::rx,mask::rwx uaroot
$ ls -l
total 8
drwxrwxr-x+ 2 ua  stor  512 Dec 27 14:35 uaroot

I can see the ACLs set as:

$ getfacl uaroot
# file: uaroot
# owner: ua
# group: stor
user::rwx
group::rwx
mask::rwx
other::r-x

$ getfacl -d uaroot
# file: uaroot
# owner: ua
# group: stor
user::rwx
group::rwx
mask::rwx
other::r-x

I thought this will have files inside this directory automatically get group writeable permission, but this wasn't the case:

$ cd uaroot
$ touch a
$ ls -l
total 4
-rw-r--r--+ 1 ua  stor  0 Dec 27 14:38 a

$ getfacl a
# file: a
# owner: ua
# group: stor
user::rw-
group::rwx      # effective: r--
mask::r--
other::r--

What does the effective callout mean above? What am I missing in order to have all files get group writeable permission?

Improve this question
2
  • I don't see the default keyword from your getfacl results! Commented Dec 28, 2018 at 6:59
  • I think you removed the default settings when you ran setfacl -m u::rwx,g::rwx,o::rx,mask::rwx uaroot! Rerun with that -d option. Commented Dec 28, 2018 at 7:01

1 Answer 1

Reset to default
2

You cancelled your earlier setting when you ran setfacl -m ::rwx,g::rwx,o::rx,mask::rwx uaroot, without the -d option and with the -m which modifies the current ACL settings on an object, rerun it with the -d to get what you want.

setfacl -d -m u::rwx,g::rwx,o::rx,mask::rwx uaroot

My test returns:

-rw-rw-r--+ 1 georgek georgek 0 Dec 28 08:04 koko/a

And note that the default keyword is missing as a result of you running that second setfacl command. You need to see

# file: koko/
# owner: georgek
# group: georgek
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::rwx
default:mask::rwx
default:other::r-x

To be sure the defaults will apply to newly created files in that folder. And the getfacl for the created file for my test is

# file: koko/a
# owner: georgek
# group: georgek
user::rw-
group::rwx                      #effective:rw-
mask::rw-
other::r--
Improve this answer
3
  • Hi George, this is not it. The default ACLs do not get overridden because they are separate and independent of the normal ACLs. I believe you are assuming I'm using Linux when I'm actually using FreeBSD. Commented Dec 28, 2018 at 9:42
  • Sorry that wasn't stated... Commented Dec 28, 2018 at 9:59
  • Thanks for offering. I’ve investigated the issue further and have a more clear question here: unix.stackexchange.com/questions/491272/… Commented Dec 28, 2018 at 16:30

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.