Why are my new files not getting the group writeable permission?












1














I would like to set up a directory such that all new files are group writeable, regardless of the umask setting of the individual user.



I've created a stor group and added all users to it. Then, I created the folder:



$ mkdir uaroot
$ chgrp stor uaroot
$ ls -l
total 4
drwxr-xr-x 2 ua stor 512 Dec 27 14:35 uaroot


I set the ACLs for it:



$ setfacl -d -m u::rwx,g::rwx,o::rx,mask::rwx uaroot
$ setfacl -m u::rwx,g::rwx,o::rx,mask::rwx uaroot
$ ls -l
total 8
drwxrwxr-x+ 2 ua stor 512 Dec 27 14:35 uaroot


I can see the ACLs set as:



$ getfacl uaroot
# file: uaroot
# owner: ua
# group: stor
user::rwx
group::rwx
mask::rwx
other::r-x

$ getfacl -d uaroot
# file: uaroot
# owner: ua
# group: stor
user::rwx
group::rwx
mask::rwx
other::r-x


I thought this will have files inside this directory automatically get group writeable permission, but this wasn't the case:



$ cd uaroot
$ touch a
$ ls -l
total 4
-rw-r--r--+ 1 ua stor 0 Dec 27 14:38 a

$ getfacl a
# file: a
# owner: ua
# group: stor
user::rw-
group::rwx # effective: r--
mask::r--
other::r--


What does the effective callout mean above? What am I missing in order to have all files get group writeable permission?










share|improve this question
























  • I don't see the default keyword from your getfacl results!
    – George Udosen
    Dec 28 '18 at 6:59










  • I think you removed the default settings when you ran setfacl -m u::rwx,g::rwx,o::rx,mask::rwx uaroot! Rerun with that -d option.
    – George Udosen
    Dec 28 '18 at 7:01


















1














I would like to set up a directory such that all new files are group writeable, regardless of the umask setting of the individual user.



I've created a stor group and added all users to it. Then, I created the folder:



$ mkdir uaroot
$ chgrp stor uaroot
$ ls -l
total 4
drwxr-xr-x 2 ua stor 512 Dec 27 14:35 uaroot


I set the ACLs for it:



$ setfacl -d -m u::rwx,g::rwx,o::rx,mask::rwx uaroot
$ setfacl -m u::rwx,g::rwx,o::rx,mask::rwx uaroot
$ ls -l
total 8
drwxrwxr-x+ 2 ua stor 512 Dec 27 14:35 uaroot


I can see the ACLs set as:



$ getfacl uaroot
# file: uaroot
# owner: ua
# group: stor
user::rwx
group::rwx
mask::rwx
other::r-x

$ getfacl -d uaroot
# file: uaroot
# owner: ua
# group: stor
user::rwx
group::rwx
mask::rwx
other::r-x


I thought this will have files inside this directory automatically get group writeable permission, but this wasn't the case:



$ cd uaroot
$ touch a
$ ls -l
total 4
-rw-r--r--+ 1 ua stor 0 Dec 27 14:38 a

$ getfacl a
# file: a
# owner: ua
# group: stor
user::rw-
group::rwx # effective: r--
mask::r--
other::r--


What does the effective callout mean above? What am I missing in order to have all files get group writeable permission?










share|improve this question
























  • I don't see the default keyword from your getfacl results!
    – George Udosen
    Dec 28 '18 at 6:59










  • I think you removed the default settings when you ran setfacl -m u::rwx,g::rwx,o::rx,mask::rwx uaroot! Rerun with that -d option.
    – George Udosen
    Dec 28 '18 at 7:01
















1












1








1







I would like to set up a directory such that all new files are group writeable, regardless of the umask setting of the individual user.



I've created a stor group and added all users to it. Then, I created the folder:



$ mkdir uaroot
$ chgrp stor uaroot
$ ls -l
total 4
drwxr-xr-x 2 ua stor 512 Dec 27 14:35 uaroot


I set the ACLs for it:



$ setfacl -d -m u::rwx,g::rwx,o::rx,mask::rwx uaroot
$ setfacl -m u::rwx,g::rwx,o::rx,mask::rwx uaroot
$ ls -l
total 8
drwxrwxr-x+ 2 ua stor 512 Dec 27 14:35 uaroot


I can see the ACLs set as:



$ getfacl uaroot
# file: uaroot
# owner: ua
# group: stor
user::rwx
group::rwx
mask::rwx
other::r-x

$ getfacl -d uaroot
# file: uaroot
# owner: ua
# group: stor
user::rwx
group::rwx
mask::rwx
other::r-x


I thought this will have files inside this directory automatically get group writeable permission, but this wasn't the case:



$ cd uaroot
$ touch a
$ ls -l
total 4
-rw-r--r--+ 1 ua stor 0 Dec 27 14:38 a

$ getfacl a
# file: a
# owner: ua
# group: stor
user::rw-
group::rwx # effective: r--
mask::r--
other::r--


What does the effective callout mean above? What am I missing in order to have all files get group writeable permission?










share|improve this question















I would like to set up a directory such that all new files are group writeable, regardless of the umask setting of the individual user.



I've created a stor group and added all users to it. Then, I created the folder:



$ mkdir uaroot
$ chgrp stor uaroot
$ ls -l
total 4
drwxr-xr-x 2 ua stor 512 Dec 27 14:35 uaroot


I set the ACLs for it:



$ setfacl -d -m u::rwx,g::rwx,o::rx,mask::rwx uaroot
$ setfacl -m u::rwx,g::rwx,o::rx,mask::rwx uaroot
$ ls -l
total 8
drwxrwxr-x+ 2 ua stor 512 Dec 27 14:35 uaroot


I can see the ACLs set as:



$ getfacl uaroot
# file: uaroot
# owner: ua
# group: stor
user::rwx
group::rwx
mask::rwx
other::r-x

$ getfacl -d uaroot
# file: uaroot
# owner: ua
# group: stor
user::rwx
group::rwx
mask::rwx
other::r-x


I thought this will have files inside this directory automatically get group writeable permission, but this wasn't the case:



$ cd uaroot
$ touch a
$ ls -l
total 4
-rw-r--r--+ 1 ua stor 0 Dec 27 14:38 a

$ getfacl a
# file: a
# owner: ua
# group: stor
user::rw-
group::rwx # effective: r--
mask::r--
other::r--


What does the effective callout mean above? What am I missing in order to have all files get group writeable permission?







permissions freebsd acl






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Dec 28 '18 at 16:29







Roxy

















asked Dec 28 '18 at 6:40









RoxyRoxy

2306




2306












  • I don't see the default keyword from your getfacl results!
    – George Udosen
    Dec 28 '18 at 6:59










  • I think you removed the default settings when you ran setfacl -m u::rwx,g::rwx,o::rx,mask::rwx uaroot! Rerun with that -d option.
    – George Udosen
    Dec 28 '18 at 7:01




















  • I don't see the default keyword from your getfacl results!
    – George Udosen
    Dec 28 '18 at 6:59










  • I think you removed the default settings when you ran setfacl -m u::rwx,g::rwx,o::rx,mask::rwx uaroot! Rerun with that -d option.
    – George Udosen
    Dec 28 '18 at 7:01


















I don't see the default keyword from your getfacl results!
– George Udosen
Dec 28 '18 at 6:59




I don't see the default keyword from your getfacl results!
– George Udosen
Dec 28 '18 at 6:59












I think you removed the default settings when you ran setfacl -m u::rwx,g::rwx,o::rx,mask::rwx uaroot! Rerun with that -d option.
– George Udosen
Dec 28 '18 at 7:01






I think you removed the default settings when you ran setfacl -m u::rwx,g::rwx,o::rx,mask::rwx uaroot! Rerun with that -d option.
– George Udosen
Dec 28 '18 at 7:01












1 Answer
1






active

oldest

votes


















2














You cancelled your earlier setting when you ran setfacl -m ::rwx,g::rwx,o::rx,mask::rwx uaroot, without the -d option and with the -m which modifies the current ACL settings on an object, rerun it with the -d to get what you want.



setfacl -d -m u::rwx,g::rwx,o::rx,mask::rwx uaroot


My test returns:



-rw-rw-r--+ 1 georgek georgek 0 Dec 28 08:04 koko/a


And note that the default keyword is missing as a result of you running that second setfacl command. You need to see



# file: koko/
# owner: georgek
# group: georgek
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::rwx
default:mask::rwx
default:other::r-x


To be sure the defaults will apply to newly created files in that folder. And the getfacl for the created file for my test is



# file: koko/a
# owner: georgek
# group: georgek
user::rw-
group::rwx #effective:rw-
mask::rw-
other::r--





share|improve this answer























  • Hi George, this is not it. The default ACLs do not get overridden because they are separate and independent of the normal ACLs. I believe you are assuming I'm using Linux when I'm actually using FreeBSD.
    – Roxy
    Dec 28 '18 at 9:42










  • Sorry that wasn't stated...
    – George Udosen
    Dec 28 '18 at 9:59










  • Thanks for offering. I’ve investigated the issue further and have a more clear question here: unix.stackexchange.com/questions/491272/…
    – Roxy
    Dec 28 '18 at 16:30













Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f491252%2fwhy-are-my-new-files-not-getting-the-group-writeable-permission%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









2














You cancelled your earlier setting when you ran setfacl -m ::rwx,g::rwx,o::rx,mask::rwx uaroot, without the -d option and with the -m which modifies the current ACL settings on an object, rerun it with the -d to get what you want.



setfacl -d -m u::rwx,g::rwx,o::rx,mask::rwx uaroot


My test returns:



-rw-rw-r--+ 1 georgek georgek 0 Dec 28 08:04 koko/a


And note that the default keyword is missing as a result of you running that second setfacl command. You need to see



# file: koko/
# owner: georgek
# group: georgek
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::rwx
default:mask::rwx
default:other::r-x


To be sure the defaults will apply to newly created files in that folder. And the getfacl for the created file for my test is



# file: koko/a
# owner: georgek
# group: georgek
user::rw-
group::rwx #effective:rw-
mask::rw-
other::r--





share|improve this answer























  • Hi George, this is not it. The default ACLs do not get overridden because they are separate and independent of the normal ACLs. I believe you are assuming I'm using Linux when I'm actually using FreeBSD.
    – Roxy
    Dec 28 '18 at 9:42










  • Sorry that wasn't stated...
    – George Udosen
    Dec 28 '18 at 9:59










  • Thanks for offering. I’ve investigated the issue further and have a more clear question here: unix.stackexchange.com/questions/491272/…
    – Roxy
    Dec 28 '18 at 16:30


















2














You cancelled your earlier setting when you ran setfacl -m ::rwx,g::rwx,o::rx,mask::rwx uaroot, without the -d option and with the -m which modifies the current ACL settings on an object, rerun it with the -d to get what you want.



setfacl -d -m u::rwx,g::rwx,o::rx,mask::rwx uaroot


My test returns:



-rw-rw-r--+ 1 georgek georgek 0 Dec 28 08:04 koko/a


And note that the default keyword is missing as a result of you running that second setfacl command. You need to see



# file: koko/
# owner: georgek
# group: georgek
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::rwx
default:mask::rwx
default:other::r-x


To be sure the defaults will apply to newly created files in that folder. And the getfacl for the created file for my test is



# file: koko/a
# owner: georgek
# group: georgek
user::rw-
group::rwx #effective:rw-
mask::rw-
other::r--





share|improve this answer























  • Hi George, this is not it. The default ACLs do not get overridden because they are separate and independent of the normal ACLs. I believe you are assuming I'm using Linux when I'm actually using FreeBSD.
    – Roxy
    Dec 28 '18 at 9:42










  • Sorry that wasn't stated...
    – George Udosen
    Dec 28 '18 at 9:59










  • Thanks for offering. I’ve investigated the issue further and have a more clear question here: unix.stackexchange.com/questions/491272/…
    – Roxy
    Dec 28 '18 at 16:30
















2












2








2






You cancelled your earlier setting when you ran setfacl -m ::rwx,g::rwx,o::rx,mask::rwx uaroot, without the -d option and with the -m which modifies the current ACL settings on an object, rerun it with the -d to get what you want.



setfacl -d -m u::rwx,g::rwx,o::rx,mask::rwx uaroot


My test returns:



-rw-rw-r--+ 1 georgek georgek 0 Dec 28 08:04 koko/a


And note that the default keyword is missing as a result of you running that second setfacl command. You need to see



# file: koko/
# owner: georgek
# group: georgek
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::rwx
default:mask::rwx
default:other::r-x


To be sure the defaults will apply to newly created files in that folder. And the getfacl for the created file for my test is



# file: koko/a
# owner: georgek
# group: georgek
user::rw-
group::rwx #effective:rw-
mask::rw-
other::r--





share|improve this answer














You cancelled your earlier setting when you ran setfacl -m ::rwx,g::rwx,o::rx,mask::rwx uaroot, without the -d option and with the -m which modifies the current ACL settings on an object, rerun it with the -d to get what you want.



setfacl -d -m u::rwx,g::rwx,o::rx,mask::rwx uaroot


My test returns:



-rw-rw-r--+ 1 georgek georgek 0 Dec 28 08:04 koko/a


And note that the default keyword is missing as a result of you running that second setfacl command. You need to see



# file: koko/
# owner: georgek
# group: georgek
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::rwx
default:mask::rwx
default:other::r-x


To be sure the defaults will apply to newly created files in that folder. And the getfacl for the created file for my test is



# file: koko/a
# owner: georgek
# group: georgek
user::rw-
group::rwx #effective:rw-
mask::rw-
other::r--






share|improve this answer














share|improve this answer



share|improve this answer








edited Dec 28 '18 at 7:31

























answered Dec 28 '18 at 7:09









George UdosenGeorge Udosen

1,212319




1,212319












  • Hi George, this is not it. The default ACLs do not get overridden because they are separate and independent of the normal ACLs. I believe you are assuming I'm using Linux when I'm actually using FreeBSD.
    – Roxy
    Dec 28 '18 at 9:42










  • Sorry that wasn't stated...
    – George Udosen
    Dec 28 '18 at 9:59










  • Thanks for offering. I’ve investigated the issue further and have a more clear question here: unix.stackexchange.com/questions/491272/…
    – Roxy
    Dec 28 '18 at 16:30




















  • Hi George, this is not it. The default ACLs do not get overridden because they are separate and independent of the normal ACLs. I believe you are assuming I'm using Linux when I'm actually using FreeBSD.
    – Roxy
    Dec 28 '18 at 9:42










  • Sorry that wasn't stated...
    – George Udosen
    Dec 28 '18 at 9:59










  • Thanks for offering. I’ve investigated the issue further and have a more clear question here: unix.stackexchange.com/questions/491272/…
    – Roxy
    Dec 28 '18 at 16:30


















Hi George, this is not it. The default ACLs do not get overridden because they are separate and independent of the normal ACLs. I believe you are assuming I'm using Linux when I'm actually using FreeBSD.
– Roxy
Dec 28 '18 at 9:42




Hi George, this is not it. The default ACLs do not get overridden because they are separate and independent of the normal ACLs. I believe you are assuming I'm using Linux when I'm actually using FreeBSD.
– Roxy
Dec 28 '18 at 9:42












Sorry that wasn't stated...
– George Udosen
Dec 28 '18 at 9:59




Sorry that wasn't stated...
– George Udosen
Dec 28 '18 at 9:59












Thanks for offering. I’ve investigated the issue further and have a more clear question here: unix.stackexchange.com/questions/491272/…
– Roxy
Dec 28 '18 at 16:30






Thanks for offering. I’ve investigated the issue further and have a more clear question here: unix.stackexchange.com/questions/491272/…
– Roxy
Dec 28 '18 at 16:30




















draft saved

draft discarded




















































Thanks for contributing an answer to Unix & Linux Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f491252%2fwhy-are-my-new-files-not-getting-the-group-writeable-permission%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

Monofisismo

Angular Downloading a file using contenturl with Basic Authentication

Olmecas