Understanding chmod and setfacl

0

I have a file that I think I should be able to execute. It shows these permissions with ls -lah:

-rw-rwxr--+ foo foo-group

And these with getfacl myfile:

# file: app/console
# owner: foo
# group: foo-group
user::rw-
user:root:rwx
user:foo:rwx
user:other-user:r-x
group::r--
mask::rwx
other::r--

I remember executing sudo setfacl -m u:`whoami`:rwx.

I think I got the setfacl command right, since getfacl shows user:foo:rwx. But I still can't execute it. Then what's the point of setfacl, if it can't override chmod?

ChocoDeveloper

Posted 2013-02-10T01:07:51.333

Reputation: 2 327

Answers

1

I understand the acl(5) man page (yes, it is a bit confusing) as stating that the permission bits for the owner/group are always applicable to those, the ACLs are for others. E.g., you could give user bar permission to rwx, not foo (the owner's permissions are given by the standard permission bits). If my reading is correct, what you are doing is even illegal (there should be no repeat user/group entries in the ACL).

vonbrand

Posted 2013-02-10T01:07:51.333

Reputation: 2 083

Asked: 2013-02-10T01:07:51.333

Viewed: 5 049 times

Active: 2013-02-17T13:10:37.207