[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
"mkdir -p" new child dirs don't inherit default POSIX ACLs properly
From: |
C. J. Meidlinger |
Subject: |
"mkdir -p" new child dirs don't inherit default POSIX ACLs properly |
Date: |
Thu, 14 Feb 2008 03:27:24 -0500 (EST) |
User-agent: |
SquirrelMail/1.4.9a |
Greetings,
This is different than Bug#19546 which requested inheritance of ACLs on
existing parent dirs. This problem report is for newly created child
directories with "mkdir -p".
I discovered this on OpenSuse 10.2 PPC (coreutils-6.4-10, pSeries arch)
and confirmed it on Slackware 12.0 and Slackware-current (coreutils-6.9,
x86 arch).
The coreutils package in Slackware 11.0 (coreutils-5.97, x86 arch) appears
to be ok.
The problem is that directories created by "mkdir -p" do not inherit
default POSIX ACLs properly whereas those created with "mkdir" do. On a
file system mounted with the "acl" option, and with POSIX ACLs enabled in
the Linux kernel, I can demonstrate the different behavior with the
following:
1) Create the test directory to hold the default ACL:
# mkdir acl-test
2) Flush all inherited ACLs in case you have other things going on in
this work space:
# setfacl -R -b acl-test
3) Add a default ACL that gives a group rwx access to new directories:
# setfacl -d -m g:video:rwx acl-test
4) View default ACL:
# getfacl acl-test
# file: acl-test
# owner: root
# group: root
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:video:rwx
default:mask::rwx
default:other::r-x
5) Create directories with "mkdir" and "mkdir -p":
# mkdir acl-test/mkdir
# mkdir -p acl-test/mkdir-p
6) View inherited ACLs:
# getfacl acl-test/*
# file: acl-test/mkdir
# owner: root
# group: root
user::rwx
group::r-x
group:video:rwx
mask::rwx
other::r-x
default:user::rwx
default:group::r-x
default:group:video:rwx
default:mask::rwx
default:other::r-x
# file: acl-test/mkdir-p
# owner: root
# group: root
user::rwx
group::r-x
group:video:rwx #effective:r-x
mask::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:video:rwx
default:mask::rwx
default:other::r-x
The key difference is the "mask" entry in the seventh line of output for
each directory -- "rwx" for "mkdir" and "r-x" for "mkdir-p". The altered
mask gives us an effective permission set for the video group of "r-x" on
the "mkdir-p" directory instead of the "rwx" that we specified in the
default ACL for the parent directory.
"mkdir $dirname" and "mkdir -p $dirname" shouldn't have different ACL
inheritance behaviors for the newly created child directories, should
they?
Thanks,
CJM
- "mkdir -p" new child dirs don't inherit default POSIX ACLs properly,
C. J. Meidlinger <=