vtcf@NCSC.ARPA.UUCP (09/02/87)
Could somebody explain how these ACL's work? I'd like to be able to grant an identifier to a directory and it'ss files, nd allow anyone with that identifier to be able to create new files, edit and delete files, etc., as if they owned the directory. I tried to use the following: (IDENTIFIER=xxx,OPTIONS=DEFAULT,ACCESS=READ+WRITE+EXECUTE+DELETE+CONTROL) (DEFAULT_PROTECTION,SYSTEM:RWED,OWNER:RWED,GROUP:,WORLD:) on the directory, and (IDENTIFIER=XXX,ACCESS=READ+WRITE+EXECUTE+DELETE+CONTROL) on all existing files in the directory. I then granted the identifier with RESOURCE attribute to the users needing it. Am I missing something? Any help would be greatly appreciated. (A command procedure to do this would be GREAT!) Thanks in advance, Tom Williams Code 4210 Naval Coastal Systems Center Panama City, Fl 32407-5000 (904)234-4699 vtcf@ncsc.arpa
face@amethyst.UUCP (Chris Janton) (09/03/87)
The ACL that you have created (specifying OPTIONS=DEFAULT) will cause all new files created in the directory to have the specified attributes. You need to add an ACE that allows the users access to the directory as well. Just create another ACE with the ,OPTIONS... removed. This will allow access to the directory file.
dirk@mvax.dn.mu.oz (Dirk van der Knijff) (09/09/87)
I have created a common directory for a group as follows: 1. create an identifier with resource attribute 2. grant this identifier to all members with resource 3. create a directory OWNED by the identifier (the following may not be neccessary but I had trouble with the manuals and 'it aint broke') 4. add ACL's - ident=id-as-above,options=default,acc=r+w+e+d+c ident=id-as-above,acc=r+w+e+d then when the users set def to that directory files are created owned by the id-as-above with ACL's granting access to the id and another ACL granting r+w+e+d+c to the file creator. Dirk van der Knijff dirk%mvax.dn.mu.oz.au@seismo.css.gov Melbourne College of Advanced Education 757 Swanston Street CARLTON 3054. Australia
vtcf@NCSC.ARPA (Williams) (09/14/87)
Thanks to all who responded to my ACL question. Apparently, my ACL specifiying (ID=xxx, OPTIONS=DEFAULT,ACCESS=R+W+E+D+C) was for new files created within the directory. I only needed to add another ACL for the directory itself! (The documentation is sometimes a little confusing, but after reading 10 or 20 times, it starts to sink in.)