I struggled with this problem on FreeBSD recently, but thank God for ZFS, which solved it for me there. However, I have it again in CentOS with ext4 and don't know if there is an easy way around it (or any way around it). What I want is a directory in which any user in a certain group has guaranteed read/write access to the files, regardless of clueless users' umasks, poor FTP client upload decisions, etc. I don't think it's possible, but I'd like to be wrong. It looks like the reason it's not possible is that ext4 ACLs cannot override file permissions, only intersect with them. For example:
# mkdir bar
# chmod 700 bar
# getfacl bar
# file: bar
# owner: root
# group: mygroup
# flags: -s-
user::rwx
group::rwx #effective:---
group:mygroup:rwx #effective:---
mask::---
other::---
default:user::rwx
default:group::rwx
default:group:mygroup:rwx
default:mask::rwx
default:other::---
You can see that the default ACL and mask both specify rwx for mygroup but the file permissions trump that and result in ---. Unfortunately that means if a user's FTP client (for example) uploads files as 640, others in the group wouldn't be able to mess with it. Is there a way around this?
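The intersection described in the question can be reproduced offline. The following is an added example, not part of the original post: a small Python model of the POSIX ACL rules on Linux, fed with the ACL entries from the getfacl output above. The function names (`parse_acl`, `inherit`, `effective`) are made up for illustration, and the model assumes the default ACL contains a mask entry, as it does here.

```python
# Constructed model of POSIX.1e ACL evaluation on Linux (added example).
SAMPLE = """\
user::rwx
group::rwx #effective:---
group:mygroup:rwx #effective:---
mask::---
other::---
default:user::rwx
default:group::rwx
default:group:mygroup:rwx
default:mask::rwx
default:other::---
"""

BITS = {"r": 4, "w": 2, "x": 1}

def parse_acl(text, default=False):
    """Parse getfacl-style lines into {(tag, qualifier): permission bits}."""
    acl = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and "#effective:" notes
        if not line or line.startswith("default:") != default:
            continue
        tag, qual, perms = line.split(":")[-3:]  # [-3:] skips a "default" prefix
        acl[(tag, qual)] = sum(v for k, v in BITS.items() if k in perms)
    return acl

def inherit(default_acl, create_mode):
    """Access ACL of a file created with create_mode under a default ACL.
    The umask is not applied, but the mode the program passes to open() is
    ANDed in: owner bits into user::, group bits into mask::, other into other::."""
    acl = dict(default_acl)
    acl[("user", "")] &= (create_mode >> 6) & 7
    acl[("mask", "")] &= (create_mode >> 3) & 7
    acl[("other", "")] &= create_mode & 7
    return acl

def effective(acl):
    """Every entry except user:: and other:: is capped by mask::."""
    mask = acl[("mask", "")]
    out = {}
    for (tag, qual), bits in acl.items():
        if tag != "mask":
            capped = bits if (tag, qual) in (("user", ""), ("other", "")) else bits & mask
            out[(tag, qual)] = "".join(k if capped & v else "-" for k, v in BITS.items())
    return out

if __name__ == "__main__":
    for mode in (0o640, 0o660):
        print(oct(mode), effective(inherit(parse_acl(SAMPLE, default=True), mode)))
```

A file created with mode 640 ends up with a mask of r--, so the group:mygroup:rwx entry is effectively read-only, while a create mode of 660 leaves the group with rw-.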