[SOLVED] ACL for root filesystem

jnreddy · 02-08-2012, 11:18 AM

Hi friends and Gurus,

I need to perform a herculean task it may seems strange but now boll is in my court.

here is my task...

one of my user want ACL on root filesytem...yes acl for / filesystem. root is not in lvm. and also we have another filesystem named /ora which is vxfs file system my user want ACL for that also i mean /ora.

doesn't it seem strange..i never did that, but my user is insisting to do that.

its a production box they may give 2 or 3 hours downtime to perform the task
i googled a lot but i found steps to configure acl for files,folders and other filstems but not for root.

i tried the below steps.

[root@linuxnode1 /]# uname -a
Linux linuxnode1.my.com 2.6.18-194.el5 #1 SMP Tue Mar 16 21:52:39 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux

[root@linuxnode1 /]# fdisk -l

Disk /dev/sda: 85.8 GB, 85899345920 bytes
255 heads, 63 sectors/track, 10443 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System
/dev/sda1 * 1 64 514048+ 83 Linux
/dev/sda2 65 1339 10241437+ 83 Linux
/dev/sda3 1340 2614 10241437+ 83 Linux
/dev/sda4 2615 10443 62886442+ 5 Extended
/dev/sda5 2615 3889 10241406 83 Linux
/dev/sda6 3890 5164 10241406 83 Linux
/dev/sda7 5165 6439 10241406 83 Linux
/dev/sda8 6440 6700 2096451 82 Linux swap / Solaris
/dev/sda9 6701 6827 1020096 83 Linux

first step : mount -t ext3 -o acl /dev/sda1 /
second step : [root@linuxnode1 ~]# vi /etc/fstab (i added acl in fstab)
LABEL=/ / ext3 acl 1 1
LABEL=/home /home ext3 defaults 1 2
LABEL=/tmp /tmp ext3 defaults 1 2
LABEL=/usr /usr ext3 defaults 1 2
LABEL=/var /var ext3 defaults 1 2
LABEL=/opt /opt ext3 defaults 1 2
LABEL=/boot /boot ext3 defaults 1 2
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
LABEL=SWAP-sda8 swap swap defaults 0 0

third step : [root@linuxnode1 /]# ls -l /
total 162
drwxr-xr-x 2 root root 4096 Jan 26 03:48 bin
drwxr-xr-x 4 root root 1024 Jan 25 03:11 boot
drwxr-xr-x 14 root root 4220 Feb 9 03:32 dev
drwxr-xr-x 101 root root 12288 Feb 9 04:03 etc
drwxr-xr-x 3 root root 4096 Oct 1 2009 home
drwxr-xr-x 11 root root 4096 Jan 26 03:47 lib
drwxr-xr-x 7 root root 4096 Jan 26 03:47 lib64
drwx------ 2 root root 16384 Jan 25 03:04 lost+found
drwxr-xr-x 2 root root 4096 Feb 9 03:31 media

url i folowed :http://www.softpanorama.org/Access_control/acl.shtml

verify that the permissions have been set and that the file has an ACL:

ls -l foo
-rwxrw— + 1 winsor staff 0 Oct 3 14:22 foo

but i cant see the '+' symbal for my / filesystem.. while executing the steps i didn't get any errors.

any help is appreciated....Thanks in advance..

Thanks & regards
JNREDDY

Berhanie · 02-08-2012, 02:08 PM

if you're using rhel, then i think your filesystem is already using acls. you will see it when you run dumpe2fs.

jnreddy · 02-12-2012, 01:51 AM

Thank you for your reply.....can you plz provide some more information...

Thanks & Regards
JNREDDY.

Berhanie · 02-12-2012, 08:17 AM

see here.