Name

gfsetfacl — set Gfarm file access control lists

Synopsis

gfsetfacl [options] [path...]

DESCRIPTION

gfsetfacl changes the Access Control List (ACL) of files or directories in the Gfarm filesystem.

OPTIONS

-b

removes all extended ACL entries. (The base ACL entries of the owner, group and others are not removed.)

-k

removes the only Default ACL.

-n

do not recalculate the mask entry of the ACL. The default behavior of gfsetfacl is to recalculate the mask entry, if a mask entry is not explicitly given.

-r

always recalculate the mask entry of the ACL. (Even if a mask entry is explicitly given.) (See the -n option.)

-t

is test mode. Instead of changing the ACL of any files or directories, the ACL text of input text and the new ACL text are displayed.

-m acl_spec

This option specifies the ACL entries text to add/replace the ACL entries of a Gfarm files or directories. Multiple ACL entries are separated by comma characters (`,').

-M acl_file

This option specifies the file or standard input (`-') to add/replace the ACL entries of a Gfarm files or directories. This input of ACL file accepts the output of gfgetfacl command.

-R

changes ACL recursively.

-?

displays a list of command options.

ACL ENTRIES

The gfsetfacl command recognizes the following ACL entry formats. The perms field is a combination of characters that indicate the permissions: read (r), write (w), execute (x). A Default ACL entry has a d[efault:] prefix.

[d[efault:]u[ser]::perms

Permissions of owner.

[d[efault:]u[ser]:username:perms

Permissions of a named user.

[d[efault:]g[roup]::perms

Permissions of a file group.

[d[efault:]g[roup]:groupname:perms

Permissions of a named group.

[d[efault:]m[ask]::perms

mask of effective rights

[d[efault:]o[ther]::perms

Permissions of others.

EXAMPLES

Granting read access to a named user

gfsetfacl -m u:testuser:r filename

Replacing the ACL of filename2 by filename1

gfgetfacl filename1 | gfsetfacl -b -M - filename2

ACL text of long form


# comment
user::rw-
user:testuser:rw-       #effective:r--
group::r--
group:testgroup:rw-     #effective:r--
mask::r--
other::r--
default:user::rwx
default:group::r-x
default:other::r-x

ACL text of short form


u::rw,u:user1:rw,g::r,g:group1:rw,m::r,o::r,d:u::rwx,d:g::rx,d:o::rx

SEE ALSO

gfgetfacl(1)