I am trying to remove group ACL from a certain folder. It has permissions as below
$ getfacl --all-effective public
# file: public
# owner: sse02
# group: apache
user::rwx
group::r-x #effective:r-x
mask::r-x
other::---
default:user::rwx
default:group::r-x #effective:r-x
default:group:acct:rwx #effective:rwx
default:mask::rwx
default:other::r-x
$
I wanted to remove the access granted to the group 'acct' with the following command, but it is not simply working
setfacl -x g:acct public
What could be going on wrong? Any ideas?
This is a RHEL5 box with ext3 file system.
Even if the setfacl command is successful in removing access from user1, user1 might still be able to obtain access to the files in directory Haunted based on the file permission bits, assuming the user has search permission for Haunted. See Localization for more information.
But, in case you may need to provide file permissions for some other users too, that can’t be done using chmod. Setfacl will assist you to get rid of such troubles.
Whereas, getfacl command is used to get file access control lists. For each file, getfacl displays the file name, owner, the group, and the Access Control List (ACL). If a directory has a default ACL, getfacl also displays the default ACL. Why use setfacl when we have chmod and chown command?
It allows us to provide permission for any user or group to any disk resource. Whereas, getfacl command is used to get file access control lists. For each file, getfacl displays the file name, owner, the group, and the Access Control List (ACL). If a directory has a default ACL, getfacl also displays the default ACL.
The group:acct
entry is listed with default:
in front, and the setfacl
man page suggests that the ACL specification can be (spaces added for clarity in the man page):
[d[efault]:] g[roup]:gid [:perms]
Permissions of a named group. Permissions of the owning group if gid is empty.
I think you should try:
setfacl -x d:g:acct public
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With