guermantes
Patron
- Joined
- Sep 27, 2017
- Messages
- 213
I'll spare you the rant about SSH directory/file permissions for newly created users, but I after three hours I was finally getting some hang of how to use
Anyway, this is what I did. Look how stupidly I was placed in the tree. When the first command did not finish immediately, I freaked and Ctrl-C out. I don't know if
Does anyone know how
setfacl
. But it took many hours for a small thing, and I was very frustrated about the complexity of setfacl, and the fact that many tutorials online don't seem to apply to freebsd (NFS4?) I had actually solved my problem, setfacl
:ing the equivalent of chmod 700
for directory logfetcher, but wanted to tidy up the ACLs for that directory (basically getting rid of the last four lines listed by getfacl
), but I rushed it a tad...Anyway, this is what I did. Look how stupidly I was placed in the tree. When the first command did not finish immediately, I freaked and Ctrl-C out. I don't know if
setfacl
was busy beginning to change ACLs for my entire server from the root level, or if the command just went to cyberspace since no target was specified. Does anyone know how
setfacl
would have behaved without the target? Is it time for me to do a facepalm?Code:
root@freenas:~ # setfacl -x everyone@:r-x---a-R-c--s:-------:allow ^C root@freenas:~ # getfacl /mnt/TANK/home/logfetcher # file: /mnt/TANK/home/logfetcher # owner: logfetcher # group: logfetcher user:logfetcher:rwx-----------:-------:allow everyone@:rwx-----------:-------:deny group:logfetcher:rwx-----------:-------:deny owner@:rwxpDdaARWcCo-:fd-----:allow group@:rwxp--a-R-c--s:-------:allow everyone@:r-x---a-R-c--s:-------:allow root@freenas:~ # setfacl -x everyone@:r-x---a-R-c--s:-------:allow /mnt/TANK/home/logfetcher root@freenas:~ # getfacl /mnt/TANK/home/logfetcher # file: /mnt/TANK/home/logfetcher # owner: logfetcher # group: logfetcher user:logfetcher:rwx-----------:-------:allow everyone@:rwx-----------:-------:deny group:logfetcher:rwx-----------:-------:deny owner@:rwxpDdaARWcCo-:fd-----:allow group@:rwxp--a-R-c--s:-------:allow root@freenas:~ #