Directory Permissions Defaults
Problem: Sharing Directories
My wife and I keep our pictures of our kids under a shared directory called /home/shared. We download them with Digikam and sometimes edit them to send out to relatives. The problem was this: if I download the pictures off the camera, then Megan can't edit them or read them. We also had problems with shared files (e.g., our accounting spreadsheets) that I would create and she would modify, or vice versa.
Edit the fourth field of the fstab entry of the partition you want to use ACL on. In this case, it was /dev/sda6 on /home:
/dev/sda6 /home ext3 defaults,acl 1 1
adding "acl" to the list of permissions. Without doing this, you'll get
setfacl: /mnt/backup Operation not supported
Then remount the partition: since I was doing this on /home, I rebooted (mount -a did not work).
getfacl(1) shows you the current ACL status of a file:
/media/multimedia: Zshell> getfacl /home getfacl: Removing leading '/' from absolute path names # file: home # owner: root # group: root user::rwx group::r-x other::r-x
Once the partitions are properly set up (that was the easy part), enter the setfacl(1) commands:
sudo setfacl --recursive -dm g:users:rwx /home/shared
--recursive was important so that each directory beneath /home/shared inherits the default mask.
Now getfacl(1) gives me this:
/media/multimedia: Zshell> getfacl /home/shared getfacl: Removing leading '/' from absolute path names # file: home/shared # owner: joel # group: users user::rwx group::rwx other::r-x default:user::rwx default:group::rwx default:group:users:rwx default:mask::rwx default:other::r-x
And when creating a file:
/media/multimedia: Zshell> cd /home/shared /home/shared: Zshell> touch my_self /home/shared: Zshell> ls -l my_self -rw-rw-r--+ 1 joel users 0 2008-04-06 14:36 my_self
The desired outcome!
Note: this did what I wanted, but it's just a beginning. Read the setfacl(1) and getfacl(1) man pages for the full story.
Official Package Data
PACKAGE NAME: acl-2.2.39_1-i486-2 COMPRESSED PACKAGE SIZE: 139 K UNCOMPRESSED PACKAGE SIZE: 350 K PACKAGE LOCATION: ./acl-2.2.39_1-i486-2.tgz PACKAGE DESCRIPTION: acl: acl (tools for using POSIX Access Control Lists) acl: acl: This package contains a set of tools and libraries for manipulating acl: POSIX Access Control Lists. POSIX Access Control Lists (defined in acl: POSIX 1003.1e draft standard 17) are used to define more fine-grained acl: discretionary access rights for files and directories. acl: acl: acl: acl: acl: