March 10, 2016

Linux ACL & standard permission question

Posted in Linux at 10:07 am by alessiodini

After long time , yesterday I played a bit with ACL on Redhat 6.7 nodes.
Doing some experiment I saw a strange thing:


[root@node1 ~]# useradd pippo
[root@node1 ~]# touch alessio
[root@node1 ~]# chmod 400 alessio
[root@node1 ~]# setfacl -m u:pippo:rwx alessio

[root@node1 ~]# getfacl alessio
# file: alessio
# owner: root
# group: root
user::r--
user:pippo:rwx
group::---
mask::rwx
other::---

[root@node1 ~]# chmod 600 alessio
[root@node1 ~]# getfacl alessio
# file: alessio
# owner: root
# group: root
user::rw-
user:pippo:rwx #effective:---
group::---
mask::---
other::---

This could be a noob question… but why acl changes from rwx to —?
I suppose there is a relationship between ACL configured and those initial standard permissions.
I need to know more about it! πŸ™‚

Advertisements

2 Comments »

  1. acl are stored as metadata on the filesystem.

    When you set

    “`
    chmod 600 alessio
    “`

    the metadata on the filesystem are not changed, so getfacl returns

    “`
    user:pippo:rwx
    “`

    The effective permissions are the ones inherited by `chmod 600`.

    Check `ls -l` output while executing your commands.

    Nice Blog + Peace,
    R.

    • alessiodini said,

      Thank you for your reply and your time Roberto, have a great day πŸ™‚


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: