ACLs, chmod and group permissions
I'm trying to use ACLs to give a specific group full, recursive read access to a directory and its files.
I've been successful, but noticed one caveat that may be expected behavior - if the file's owner uses chmod (e.g. chmod 600), the ACL group loses access. This does make sense, but ideally, the desired group(s) in the ACLs would retain their access.
I'd like to avoid having users lock certain groups specified using ACLS out of things by using something such as 'chmod 600'.
I've messed with setting the default mask and such, but chmod seems to trump whatever I'm doing (which, I understand, is likely expected).
Am I missing something, or are there any suggestions on how to acheive what I'm after? Short of a cron job to 'fix' ACLs in such locations, I'm not sure. I guess what I'm after is ACL inheritance, which ext3 doesn't seem to support(?)
Though it's currently an ext3 file system, it's not too late to change to something that might have better ACL implementation.
Here's an example of what I'm doing:
How to enable particular group should have root priviledge for particular directory
useradd -d /opt ecare
setfacl -m u:ecare:rwx /opt
usermod -g access access
chmod 755 /opt
im not sure it will help me ur not
Did you ever find a solution to your problem? I'm researching ACLs as a method to help manage shared web content for a dev team and I share your concerns re someone using chmod to manually change permissions (or someone's SFTP client doing so).
|All times are GMT -5. The time now is 12:53 PM.|