3

I'm trying to use setfacl to set the permissions of different ZFS datasets, and I want those ACL permissions equivalent to UNIX-style chmod 770.

What setfacl command could accomplish this, and what ACLs should getfacl display if I were to do this correctly?

I'm running FreeNAS 11.0 with Samba 4.6.4.

user260467
  • It wouldn't surprise me to find out that it's not possible to do the equivalent of `chmod 770` with ACLs, since the solution already exists: `chmod 770`. – Andrew Henle Dec 16 '17 at 13:15

1 Answer

1

Note: the following is from a Solaris system, but the results should also work on BSD (where you need to use getfacl/setfacl instead of ls/chmod).


The default permissions of a newly created (text) file are:

   owner@:rw-p--aARWcCos:-------:allow
   group@:r-----a-R-c--s:-------:allow
everyone@:r-----a-R-c--s:-------:allow

If you use chmod 0770 /path/to/file, you will get:

   owner@:rwxp--aARWcCos:-------:allow
   group@:rwxp--a-R-c--s:-------:allow
everyone@:------a-R-c--s:-------:allow

Essentially, execute (x) is added for owner and group, read (r) is removed from everyone, and write (w) and append (p) are added to group.


For a directory, it looks as follows:

   owner@:rwxp-DaARWcCos:-------:allow
   group@:r-x---a-R-c--s:-------:allow
everyone@:r-x---a-R-c--s:-------:allow

And after modification:

   owner@:rwxp-DaARWcCos:-------:allow
   group@:rwxp-Da-R-c--s:-------:allow
everyone@:------a-R-c--s:-------:allow

Here, read (r) and execute (x) are removed from everyone, while owner and group have the same permissions as in the file case, although with added delete_child (D) permission (this comes from being a directory).

user121391
  • So, on FreeNAS, the existence of ACLs on files and directories seems to completely invalidate the `chmod` command. So my question is about what flags to use in `setfacl`, because `chmod` doesn't work to modify ACLs in this way. So, thank you for laying out what the ACLs should be, but I still don't understand what flags should be included in `setfacl` to set them as such. I'm just finding the `setfacl` `man` page really inaccessible. – user260467 Dec 19 '17 at 17:16
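Added example, not part of the question, the answer or the comments: a Python check that derives the allow entries the answer lists for a given mode and compares `getfacl` output against them, reporting extra entries or permission letters. The function names and the `BAD` sample are constructed for illustration; it assumes the compact `who:perms:flags:type` output format and covers only modes where owner ≥ group ≥ everyone (such as 770), where no deny entries are involved.

```python
# Added example (not from the answer): expected ACL for a mode, checked against getfacl output.
BASE_OWNER = set("aARWcCos")  # always present on owner@ in the listings above
BASE_OTHER = set("aRcs")      # always present on group@ and everyone@

def expected_acl(mode, is_dir=False):
    """Map a chmod mode to {who: set of permission letters}, allow entries only."""
    bits = [(mode >> shift) & 7 for shift in (6, 3, 0)]
    # Assumption: owner >= group >= everyone, so no deny entries are involved.
    if (bits[0] & bits[1]) != bits[1] or (bits[1] & bits[2]) != bits[2]:
        raise ValueError("mode would need deny entries; not covered here")
    grant = {4: "r", 2: "wpD" if is_dir else "wp", 1: "x"}  # D = delete_child
    return {who: set(base).union(*(grant[m] for m in grant if b & m))
            for who, b, base in zip(("owner@", "group@", "everyone@"), bits,
                                    (BASE_OWNER, BASE_OTHER, BASE_OTHER))}

def parse_getfacl(text):
    """Parse who:perms:flags:type lines; letters become sets, so column order is irrelevant."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            *who, perms, flags, kind = line.split(":")
            entries.append((":".join(who), set(perms) - {"-"}, set(flags) - {"-"}, kind))
    return entries

def audit(text, mode, is_dir=False):
    """Return findings; an empty list means the ACL matches the mode exactly."""
    want, seen, findings = expected_acl(mode, is_dir), set(), []
    for who, perms, flags, kind in parse_getfacl(text):
        if who not in want or who in seen or kind != "allow" or flags:
            findings.append(f"unexpected entry: {who} ({kind})")
            continue
        seen.add(who)
        if perms != want[who]:
            findings.append(f"{who}: extra={''.join(sorted(perms - want[who]))} "
                            f"missing={''.join(sorted(want[who] - perms))}")
    return findings + [f"missing entry: {w}" for w in want if w not in seen]

# Directory listing after chmod 0770, copied from the answer above.
GOOD = """\
   owner@:rwxp-DaARWcCos:-------:allow
   group@:rwxp-Da-R-c--s:-------:allow
everyone@:------a-R-c--s:-------:allow"""
# Constructed sample: an inherited user entry and a world-readable everyone@.
BAD = """\
   owner@:rwxp-DaARWcCos:-------:allow
user:alice:rwxp-Da-R-c--s:fd-----:allow
   group@:rwxp-Da-R-c--s:-------:allow
everyone@:r-x---a-R-c--s:-------:allow"""
```

`audit(GOOD, 0o770, is_dir=True)` returns an empty list, while the `BAD` sample yields one finding for the extra `user:alice` entry and one for the `rx` letters on `everyone@`.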