Skip to content

Instantly share code, notes, and snippets.

@lcolladotor
Created April 19, 2021 19:26
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save lcolladotor/4b9b3c950e7e5e9ffe430af16f1d8cf0 to your computer and use it in GitHub Desktop.
Learning about setfacl at JHPCE
cd /dcl01/lieber/ajaffe/lab
# cd ~ # My tests didn't work in my home dir (setfacl: test_main: Operation not supported)
mkdir test_setfacl
cd test_setfacl
rm -fr test_main test_proj2
mkdir test_main
chgrp lieber_jaffe test_main
chmod g+s test_main
setfacl -m g:lieber_jaffe:rwx,g:lieber:rx test_main
setfacl -d -m g:lieber_jaffe:rwx,g:lieber:rx test_main
mkdir test_main/proj_my_team
mkdir test_main/proj_with_team2
mkdir test_main/proj_with_ext_collab
getfacl -a test_main/proj_my_team
getfacl -a test_main/proj_with_team2
getfacl -a test_main/proj_with_ext_collab
setfacl -m g:lieber_jaffe:rwx,g:lieber:rx,g:lieber_martinowich:rwx test_main/proj_with_team2
setfacl -m g:lieber_jaffe:rwx,g:lieber:rx,g:leekgroup:rwx test_main/proj_with_team2
setfacl -d -m g:lieber_jaffe:rwx,g:lieber:rx,g:lieber_martinowich:rwx test_main/proj_with_team2
setfacl -d -m g:lieber_jaffe:rwx,g:lieber:rx,g:leekgroup:rwx test_main/proj_with_team2
setfacl -m g:lieber_jaffe:rwx,g:lieber:rx,g:lieber_martinowich:rx,g:leekgroup:rx test_main
getfacl -a test_main/proj_with_team2
getfacl -a test_main/proj_with_ext_collab
mkdir test_proj2
touch test_proj2/hello
rsync -rltgvh test_proj2 test_main/proj_with_team2/
getfacl -a test_main/proj_with_team2/test_proj2
getfacl -a test_main/proj_with_team2/test_proj2/hello
mkdir test_main/proj_with_ext_collab/new_dir
getfacl -a test_main/proj_with_ext_collab/new_dir
mkdir test_main/new_project
getfacl -a test_main/new_project
$ cd /dcl01/lieber/ajaffe/lab
15:21 lab $ cd test_setfacl
15:21 test_setfacl $ rm -fr test_main test_proj2
15:21 test_setfacl $ mkdir test_main
15:21 test_setfacl $ chgrp lieber_jaffe test_main
15:22 test_setfacl $ chmod g+s test_main
15:23 test_setfacl $ setfacl -m g:lieber_jaffe:rwx,g:lieber:rx test_main
15:23 test_setfacl $ setfacl -d -m g:lieber_jaffe:rwx,g:lieber:rx test_main
15:23 test_setfacl $ mkdir test_main/proj_my_team
15:23 test_setfacl $ mkdir test_main/proj_with_team2
15:23 test_setfacl $ mkdir test_main/proj_with_ext_collab
15:23 test_setfacl $ getfacl -a test_main/proj_my_team
# file: test_main/proj_my_team
# owner: lcollado
# group: lieber_jaffe
# flags: -s-
user::rwx
group::rwx
group:lieber:r-x
group:lieber_jaffe:rwx
mask::rwx
other::---
15:23 test_setfacl $ getfacl -a test_main/proj_with_team2
# file: test_main/proj_with_team2
# owner: lcollado
# group: lieber_jaffe
# flags: -s-
user::rwx
group::rwx
group:lieber:r-x
group:lieber_jaffe:rwx
mask::rwx
other::---
15:23 test_setfacl $ getfacl -a test_main/proj_with_ext_collab
# file: test_main/proj_with_ext_collab
# owner: lcollado
# group: lieber_jaffe
# flags: -s-
user::rwx
group::rwx
group:lieber:r-x
group:lieber_jaffe:rwx
mask::rwx
other::---
15:23 test_setfacl $ setfacl -m g:lieber_jaffe:rwx,g:lieber:rx,g:lieber_martinowich:rwx test_main/proj_with_team2
15:24 test_setfacl $ setfacl -m g:lieber_jaffe:rwx,g:lieber:rx,g:leekgroup:rwx test_main/proj_with_team2
15:24 test_setfacl $ setfacl -d -m g:lieber_jaffe:rwx,g:lieber:rx,g:lieber_martinowich:rwx test_main/proj_with_team2
15:24 test_setfacl $ setfacl -d -m g:lieber_jaffe:rwx,g:lieber:rx,g:leekgroup:rwx test_main/proj_with_team2
15:24 test_setfacl $ setfacl -m g:lieber_jaffe:rwx,g:lieber:rx,g:lieber_martinowich:rx,g:leekgroup:rx test_main
15:24 test_setfacl $ getfacl -a test_main/proj_with_team2
# file: test_main/proj_with_team2
# owner: lcollado
# group: lieber_jaffe
# flags: -s-
user::rwx
group::rwx
group:leekgroup:rwx
group:lieber:r-x
group:lieber_jaffe:rwx
group:lieber_martinowich:rwx
mask::rwx
other::---
15:24 test_setfacl $ getfacl -a test_main/proj_with_ext_collab
# file: test_main/proj_with_ext_collab
# owner: lcollado
# group: lieber_jaffe
# flags: -s-
user::rwx
group::rwx
group:lieber:r-x
group:lieber_jaffe:rwx
mask::rwx
other::---
15:24 test_setfacl $ mkdir test_proj2
15:24 test_setfacl $ touch test_proj2/hello
15:25 test_setfacl $ rsync -rltgvh test_proj2 test_main/proj_with_team2/
sending incremental file list
test_proj2/
test_proj2/hello
sent 127 bytes received 39 bytes 47.43 bytes/sec
total size is 0 speedup is 0.00
15:25 test_setfacl $ getfacl -a test_main/proj_with_team2/test_proj2
# file: test_main/proj_with_team2/test_proj2
# owner: lcollado
# group: lieber_jaffe
# flags: -s-
user::rwx
group::rwx
group:leekgroup:rwx
group:lieber:r-x
group:lieber_jaffe:rwx
group:lieber_martinowich:rwx
mask::rwx
other::---
15:25 test_setfacl $ getfacl -a test_main/proj_with_team2/test_proj2/hello
# file: test_main/proj_with_team2/test_proj2/hello
# owner: lcollado
# group: lieber_jaffe
user::rw-
group::rwx #effective:rw-
group:leekgroup:rwx #effective:rw-
group:lieber:r-x #effective:r--
group:lieber_jaffe:rwx #effective:rw-
group:lieber_martinowich:rwx #effective:rw-
mask::rw-
other::---
15:25 test_setfacl $ mkdir test_main/proj_with_ext_collab/new_dir
15:25 test_setfacl $ getfacl -a test_main/proj_with_ext_collab/new_dir
# file: test_main/proj_with_ext_collab/new_dir
# owner: lcollado
# group: lieber_jaffe
# flags: -s-
user::rwx
group::rwx
group:lieber:r-x
group:lieber_jaffe:rwx
mask::rwx
other::---
15:25 test_setfacl $ mkdir test_main/new_project
15:25 test_setfacl $ getfacl -a test_main/new_project
# file: test_main/new_project
# owner: lcollado
# group: lieber_jaffe
# flags: -s-
user::rwx
group::rwx
group:lieber:r-x
group:lieber_jaffe:rwx
mask::rwx
other::---
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment