[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Acl-devel] Default acl not respected when copying
From: |
Michael Orlitzky |
Subject: |
Re: [Acl-devel] Default acl not respected when copying |
Date: |
Tue, 14 Oct 2014 19:07:23 -0400 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.8.0 |
On 10/14/2014 03:15 PM, Andreas Grünbacher wrote:
> 2014-10-14 15:57 GMT+02:00 Michael Orlitzky <address@hidden>:
>> This is a bug in 'cp'.
>
> Michael, there is no bug in cp, cp behaves as specified.
>
This is how it behaves:
$ mkdir acl
$ cd acl
$ setfacl -d -m user:apache:rwx .
$ cp /etc/profile ./
$ getfacl -c profile
user:apache:rwx #effective:r--
group::r-x #effective:r--
mask::r--
other::r--
And that may be how it's specified, but it's not very helpful assuming
that I created the default ACL because I wanted it applied by default.
Is there any case where that behavior is preferable to the following?
$ apply-default-acl profile
$ getfacl -c profile
user::rw-
user:apache:rwx #effective:rw-
group::r--
mask::rw-
other::r--
The need to share a directory between a group of people is one of the
simplest use cases and is basically impossible on Linux with the current
cp,tar,etc. behavior. It gets done, but always by telling the end users
to 'chmod 777' when things don't work. If cp and friends were fixed, the
system administrator could use default ACLs to achieve the same thing
securely.