Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [setfacl]

setfacl(1) is a command-line utility to set ACL (Access Control List) information on files, part of a withdrawn POSIX draft from 1997

setfacl(1), short from Set File ACL, is a command-line utility in some modern UNIX systems that lets the user set access control information on the specified files.

It was part of an abandoned and withdrawn IEEE Standards Draft from 1997, originally meant to be part of .

35 questions
55
votes
4 answers

linux/setfacl - Set all current/future files/directories in parent directory to 775 with specified owner/group

I have a directory called "members" and under it there are folders/files. How can I recursively set all the current folders/files and any future ones created there to by default have 775 permissions and belong to owner/group nobody/admin…
Maverick
  • 1,501
  • 1
  • 11
  • 9
8
votes
1 answer

Have new files inherit their folder's extended ACLs

We are moving our web files from AFS to a local volume with the acl flag set. We use extended ACLs for our permissions so users can edit different parts of our websites. In AFS, when you create a new file it inherits its parent's permissions. How…
Vacation9
  • 113
  • 1
  • 1
  • 8
5
votes
1 answer

How to give write permissions using setfacl while retaining existing permissions?

I want to give write permission to a specific user on a dir recursively without loosing any existing permissions that the user may have. I believe I can use something like this to give write permissions to the user: setfacl -R -m u:user:w dir/* but…
comatose
  • 151
  • 1
  • 3
4
votes
1 answer

mkdir -p ignores facl?

I am trying to enforce file perms of 777 across a specific set of dirs. I used "setfacl -m d:o::rwx" and got what appears to be the right permissions $ getfacl . # file: . # owner: blah # group: blah # flags:…
Kevin
  • 41
  • 1
4
votes
2 answers

setfacl equivalent to chmod for setting/unsetting individual flag

Using setfacl command line arguments, is there a way to set/unset a single flag as the following command will do ? chmod g+x FILE Please note that: setfacl g::x FILE setfacl g::--x FILE are equivalent and will set executable bit and remove read…
vaab
  • 512
  • 3
  • 13
3
votes
1 answer

How to have multiple users access to chmod() the same file?

I have a system where multiple users are running an application that chmod the same file. I've tried using setacl to add both users as user owners of the file to do this, but it doesn't work. The application errors out because the chmod system…
Jacob Brown
  • 130
  • 4
3
votes
1 answer

How to use setfacl on ZFS dataset to set the equivalent of UNIX-style chmod 770?

I'm trying to use setfacl to set the permissions of different ZFS datasets, and I want those ACL permissions equivalent to UNIX-style chmod 770. What setfacl command could accomplish this, and what ACLs should getfacl display if I were to do this…
user260467
  • 275
  • 2
  • 13
3
votes
0 answers

Setfacl: Removing ACL make my file executable

I'm making a script to add and remove ACL for third party unix account. Adding ACL works like a charm. Removing works but make a file created by sub-users executable. See: ~/test$ mkdir directory ~/test$ setfacl -Rm u:www-data:rwX directory ~/test$…
Soullivaneuh
  • 151
  • 1
  • 4
3
votes
1 answer

Setting default permissions on newly created files/folders

I have a network of sites where all sites share same "images" folder. I have created /home/_images/entities and symlinked it from all websites, and it works great with Apache, when I open /images/ on any of the sites I get list of images and can…
Avram
  • 141
  • 4
2
votes
0 answers

setfacl setting unwanted group execute

I'm pretty sure I'm just doing something wrong, but I can't figure it out... I have some directories I set up with the following: sudo setfacl -dR -m u::rwX,g::rwX,o::rX,u:ubuntu:rwX,u:www-data:rwX,g:www-data:rwX . sudo setfacl -R -m…
Tim Tisdall
  • 623
  • 1
  • 5
  • 17
2
votes
1 answer

Make www-data the owner and group of newly created files and folders

I am running Ubuntu 16.04. I have several users that are within the www-data group and will be creating/modifying files on the server. We'll call them user1 and user2. Any time user1 or user2 creates a folder or file within…
bigmike7801
  • 131
  • 4
2
votes
1 answer

Why is my unix socket created with a different ACL mask to other files?

I am deploying an Nodejs Express app. It is going to run as on the same box as an Nginx server, which will proxy requests to it via a unix socket. The question is not specific to Nodejs, however. The express app runs as user nodejs, and nginx runs…
Jarrad
  • 123
  • 4
2
votes
1 answer

How can I set up a filesystem directory to *always* be group writable?

I have a Linux file server with some shared directories. These directories are sometimes accessed over SFTP, and sometimes by users with shells. Regardless of how these directories are accessed, I would like to ensure that: all files in the…
Glyph
  • 241
  • 1
  • 9
2
votes
0 answers

Default owner and setting sticky bit by default

I have a RHEL 5.5 server and want to set up some specific security for a directory: Please note that I am not asking how to do this one time... that has already been done. I want all new directories created to have the sticky bit set so only the…
user739866
  • 203
  • 3
  • 8
1
vote
1 answer

setfacl inherit permissions without bash scripting

i have this script to add inherit permissions in all directory's, asd=$(find -type d); for a in $asd; do setfacl -d -m "u:pythoncrons:rwx" $a; done my question is, i can set inherit permissions recursive without bash script? like recursive set…
TheBlueZombie
  • 19
  • 3
1
2 3