How to explain this difference in Linux and FreeBSD ACL behaviour?
I am trying to understand the difference in behaviour between FreeBSD ACLs and Linux ACLs. In particular, the inheritance mechanism for the default ACLs.
I tried the following sequence of commands on Debian 9.6:
$ mkdir storage
$ chgrp stor storage
$ chmod g+ws storage
$ setfacl -d -m u::rwx,g::rwx,o::-,m::rwx storage
$ ls -l
drwxrwsr-x+ 2 aaa stor 4096 Dec 27 23:10 storage
$ touch outside
$ ls -l
-rw-r--r-- 1 aaa aaa 0 Dec 27 23:11 outside
drwxrwsr-x+ 2 aaa stor 4096 Dec 27 23:10 storage
$ cd storage
$ touch inside
$ ls -l
-rw-rw---- 1 aaa stor 0 Dec 27 23:11 inside
$ getfacl inside
# file: inside
# owner: aaa
# group: stor
user::rw-
group::rwx #effective:rw-
mask::rw-
other::---
$ umask
0022
Notice that the outside and inside files have different permissions. In particular, the outside file has -rw-r--r--, which is the default for this user and the inside file has -rw-rw----, respecting the default ACLs I assigned the storage directory.
If I try the exact same set of commands on FreeBSD 12:
$ mkdir storage
$ chgrp stor storage
$ chmod g+ws storage
$ setfacl -d -m u::rwx,g::rwx,o::-,m::rwx storage
$ ls -l
drwxrwsr-x 2 aaa stor 512 Dec 27 15:19 storage
$ touch outside
$ ls -l
-rw-r--r-- 1 aaa aaa 0 Dec 27 15:24 outside
drwxrwsr-x 2 aaa stor 512 Dec 27 15:24 storage
$ cd storage
$ touch inside
$ ls -l
-rw-r-----+ 1 aaa stor 0 Dec 27 15:25 inside
$ getfacl inside
# file: inside
# owner: aaa
# group: stor
user::rw-
group::rwx # effective: r--
mask::r--
other::---
$ umask
0022
Here, the outside and inside files also have different permissions, but the inside file does not have the group write permission that the Debian version does. Interestingly and possibly related, the mask in Debian retained the w while the mask in FreeBSD lost the w.
Why is this?
linux permissions freebsd acl
edited 11 mins ago
asked 25 mins ago
Roxy
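The two results in the question can be reproduced with a small model of default-ACL inheritance (an added example, not part of the original post and not code from either kernel). It follows the rule documented in Linux acl(5), where the umask is ignored when the parent directory has a default ACL; the apply_umask=True branch is an assumption, chosen because it reproduces the FreeBSD output shown, and all function names are hypothetical.

```python
# Added example: a model of default-ACL inheritance, not kernel code.
BITS = (("r", 4), ("w", 2), ("x", 1))

def parse_perm(s):
    """'rw-' or '-' -> 3-bit integer."""
    return sum(bit for ch, bit in BITS if ch in s)

def fmt_perm(p):
    return "".join(ch if p & bit else "-" for ch, bit in BITS)

def parse_acl(spec):
    """Parse the setfacl -m argument used on the page (unnamed entries only)."""
    names = {"u": "user", "g": "group", "o": "other", "m": "mask"}
    acl = {}
    for entry in spec.split(","):
        tag, qualifier, perm = entry.split(":")
        if qualifier:
            raise ValueError("named user/group entries are outside this sketch")
        acl[names[tag]] = parse_perm(perm)
    return acl

def inherit(default_acl, create_mode, umask, apply_umask):
    """Access ACL of a file created under a directory carrying default_acl."""
    # apply_umask=False: Linux rule (umask ignored when a default ACL exists).
    # apply_umask=True: assumption that reproduces the FreeBSD output above.
    mode = create_mode & ~umask if apply_umask else create_mode
    u, g, o = (mode >> 6) & 7, (mode >> 3) & 7, mode & 7
    acl = dict(default_acl)
    acl["user"] &= u
    acl["other"] &= o
    # With a mask entry, the group-class bits limit the mask, not group::
    acl["mask" if "mask" in acl else "group"] &= g
    return acl

def effective_group(acl):
    return fmt_perm(acl["group"] & acl.get("mask", 7))

def ls_mode(acl):
    """Mode string as ls prints it; the middle triplet is the mask if present."""
    middle = acl.get("mask", acl["group"])
    return "-" + fmt_perm(acl["user"]) + fmt_perm(middle) + fmt_perm(acl["other"])

DEFAULT = parse_acl("u::rwx,g::rwx,o::-,m::rwx")  # from the question
for label, flag in (("umask ignored", False), ("umask applied", True)):
    acl = inherit(DEFAULT, 0o666, 0o022, flag)  # touch asks for 0666
    print(f"{label}: {ls_mode(acl)} mask::{fmt_perm(acl['mask'])} "
          f"group effective:{effective_group(acl)}")
```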