LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 05-05-2009, 05:17 PM   #1
senseproof
Member
 
Registered: May 2009
Distribution: Fedora 10
Posts: 31
Blog Entries: 5

Rep: Reputation: 16
setfacl undoes itself


I am trying to give a user access to read roots mail with the setfacl. So I do:

Code:
setfacl -m u:ben:rw /var/spool/mail/root
It works for a while, then suddenly ben cannot read the file anymore.
Code:
getfacl /var/spool/mail/root
displays this while it works:

Code:
user:ben:rw-
And this when it doesn't:

Code:
user:ben:rw-                   #effective:---
What is this #effective and why does it keep happening after a short time. My filesystem is mounted with the acl option.

Last edited by senseproof; 05-05-2009 at 05:18 PM. Reason: inconsistent pseudo user names
 
Old 05-05-2009, 08:58 PM   #2
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.6, Centos 5.10
Posts: 16,324

Rep: Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041
Once you've read all the emails in the file, they get moved to 'mbox' and the orig mail file is deleted (along with the acl).
What you need is a default acl, which is set on the dir eg
Code:
 Automatic ACL setting
 • New files inherit default ACL (if set) from directory
 • setfacl -m d:u:ben:rw directory
 
Old 05-05-2009, 11:52 PM   #3
senseproof
Member
 
Registered: May 2009
Distribution: Fedora 10
Posts: 31
Blog Entries: 5

Original Poster
Rep: Reputation: 16
Thanks for that, you are right that is the problem.

Code:
# ls -lc root
-rw-------+ 1 root root 1397 2009-05-06 04:01 root
It's a new file just like you say. So how come the old ACL shows up at all? That is confusing!
 
Old 05-11-2009, 10:39 PM   #4
senseproof
Member
 
Registered: May 2009
Distribution: Fedora 10
Posts: 31
Blog Entries: 5

Original Poster
Rep: Reputation: 16
Few days on, I applied your directory settings (suprisingly they were set rw for all users anyway according to getfacl).

Anyhow, my root mail file still keeps un-doing itself. I'm open to putting a one minute crontab on there to change the permissions back to what I want them to be but it would be nice to learn something about how to make the ACL do it itself...
 
  


Reply

Tags
acl, setfacl


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
setfacl: operation not supported viewcam Linux - Newbie 7 03-25-2013 02:01 PM
setfacl erat123 Linux - Security 2 05-31-2007 12:16 AM
setfacl linuxjamil Linux - Security 1 04-05-2007 03:00 PM
Setfacl subaruwrx Fedora 3 09-07-2004 10:18 AM
acl/setfacl help ebs Linux - General 1 06-20-2003 12:22 PM


All times are GMT -5. The time now is 01:23 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration