Unable to setup ACL during mount for CentOS 7 virtual machine
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Unable to setup ACL during mount for CentOS 7 virtual machine
Unable to setup ACL during mount for CentOS 7
virtual machine.
Here is fstab configurations.
Note acl option for /dev/mapper/centos-root.
Code:
[user1@localhost ~]$ cat /etc/fstab
#
# /etc/fstab
# Created by anaconda on Fri Aug 12 15:05:22 2016
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults,acl 0 0
UUID=ada31c1f-5e7b-4e1f-bfbe-916806530dbc /boot xfs defaults 0 0
/dev/mapper/centos-swap swap swap defaults 0 0
But when I looked at mounted devices, there is no acl enabled for
/dev/mapper/centos-root.
Code:
[user1@localhost ~]$ mount | grep centos
/dev/mapper/centos-root on / type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
ACLs tend not to be put on the root filesystem as they frequently conflict with what the system requires. I believe this is because the base system distribution is more than sufficient (owner/group/world, along with setuid/setgid settings on files).
Filesystems mounted on the root filesystem can/do have ACLs.
The other issue is that root gets mounted before the fstab file is even looked at (or even accessable) during the initial setup by the initrd/ramfs, thus root gets skipped while processing the fstab.
One last thing - ACLs are most usable by the users that give access to files not owned by the system (accidents are easy to make granting improper privileges for root).
The other issue is that root gets mounted before the fstab file is even looked at (or even accessable) during the initial setup by the initrd/ramfs, thus root gets skipped while processing the fstab.
In this VM and in many installations, the entire OS is on one partition, e.g. sda6, and is thus mounted under /.
So adding ACL is not possible, correct?
How would you add ACL to /home directory in this scenario?
In this VM and in many installations, the entire OS is on one partition, e.g. sda6, and is thus mounted under /.
So adding ACL is not possible, correct?
How would you add ACL to /home directory in this scenario?
I don't think you can.
The way I added it was to partition the virtual disk during installation (normally CentOS will partition it into two parts, possibly three - one for swap, one for /boot, and one for the root (/boot would still be ext4, but that depends on whether xfs is now supported by grub2 - and this is what Fedora 24 is doing). Adding an extra partition for /home would allow you to add ACLs for local use. You can use an NFS mount for /home, and use NFS ACLs though.
You can use an NFS mount for /home, and use NFS ACLs though.
I am not familiar with NFS mount.
Do not even know where to start since I am learning Linux.
When I installed CentOS 7 image, I was using its default setup.
Can you point me to such NFS installation guide?
Thank you.
-----------------------------
I removed the acl option I added in fstab.
Then reboot....
It turn out ACL is already enabled in the standard install for CentOS 7 because I tried using getfacl and setfaccl, and they did not return errors.
I do not have any idea how it was done since it does not show up in mount command output or fstab.
But i ran into this problem.....
for servers, and look through the index for client use of NFS.
Different question, different problem.
That "c1" user does not have access to the /test directory (it is owned by a1, and likely c1 is not a member of the group gp1 - thus only world access applies, and the directory doesn't allow world access).
Normally for a user to be able to do anything, they must be able to read. But all this does is allow the user to see the file names.
But to do anything else you need the search - the "x" when applied to directories. This also happens to affect the user trying to use "cd", as when the working directory is set the kernel will attempt to cache the directory for speed - and it isn't allowed to.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.