#575 ACL inheritance ignored

None
closed
nobody
None
1
2014-08-26
2014-08-19
No

I want to give owners and groups the same permissions, so my parent directory has the following ACL:

# getfacl .
# file: .
# owner: administrator
# group: mygroup
        owner@:rwxpDdaARWcCos:fd----:allow
        group@:rwxpDdaARWcCos:fd----:allow
     everyone@:------a-R-c--s:------:allow

Inheritance is working on the file system, as seen when I'm using a shell:

mkdir blaa
# getfacl blaa
# file: blaa
# owner: root
# group: mygroup
        owner@:rwxpDdaARWcCos:fd----:allow
        group@:rwxpDdaARWcCos:fd----:allow

But when a folder is created over AFP, the inheritance is ignored:

getfacl blaa2
# file: blaa2
# owner: filipp.lepalaan
# group: mygroup
        owner@:rwxp--aARWcCos:------:allow
        group@:rwxp--a-R-c--s:------:allow
     everyone@:r-x---a-R-c--s:------:allow

Same thing for files:

touch blaa.txt
# getfacl blaa.txt
# file: blaa.txt
# owner: root
# group: mygroup
        owner@:rwxpDdaARWcCos:------:allow
        group@:rwxpDdaARWcCos:------:allow

... but over AFP:

# getfacl blaa2.txt 
# file: blaa2.txt
# owner: filipp.lepalaan
# group: mygroup
        owner@:rwxp--aARWcCos:------:allow
        group@:rwxp--a-R-c--s:------:allow
     everyone@:------a-R-c--s:------:allow

This is Netatalk version 3.1.3, installed from ports with ACL support, running on FreeBSD 9.3-RELEASE:

afpd -V | grep ACL
ACL support: Yes

The client is OS X 10.9.4, also tested with 10.8.5 - same problem.

Discussion

  • Ralph Böhme - 2014-08-19

    You could try playing around with the new option "chmod request" which was just added in 3.1.3.

     
    • Filipp Lepalaan - 2014-08-20

      Setting chmod request to "ignore" fixed the issue. ACLs are now inherited exactly as they should. This is awesome, thanks a ton, Ralph. "preserve" and "simple" seemed to work the same in my case.

      I guess the value of the option might be a bit misleading - one could assume that "preserve" preserves and "ignore" ignores, but one must keep in mind that this refers to chmod which is famous for nuking ACLs. :)

      Should there perhaps be a short explanation in the man page for the "ignore" option? Something along the lines of:

      ignore - UNIX chmod() requests are completely ignored. Use this option to allow the parent directory's ACL inheritance full control over new items.

       
  • Ralph Böhme - 2014-08-20
    • status: open --> closed
    • Group: -->
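
The mismatch reported in this ticket can be checked mechanically. The following is an added example, not part of the original ticket and not Netatalk code: it compares a child's `getfacl` output with what the parent's inheritable ACEs would produce, using the ACLs posted above as sample input. The function names are hypothetical, and inheritance is modelled in a simplified way (who, permissions and type are compared; flags on the child are ignored).

```python
# Added example: flag items whose NFSv4 ACL differs from what the parent's
# inheritable ACEs would produce. Function names are hypothetical.

def parse_acl(text):
    """Parse FreeBSD `getfacl` NFSv4 output into (who, perms, flags, type)."""
    aces = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # skip blank lines and the "# file:/owner:/group:" header
        # rsplit keeps principals such as "user:name" in one piece
        who, perms, flags, kind = line.rsplit(":", 3)
        aces.append((who, perms, flags, kind))
    return aces

def expected_child(parent_aces, is_dir):
    """Assumption (simplified model): an ACE is passed on unchanged when it
    carries 'd' (dir_inherit) for a new directory or 'f' (file_inherit)
    for a new file. ACEs without the flag are not inherited."""
    flag = "d" if is_dir else "f"
    return {(w, p, k) for w, p, f, k in parent_aces if flag in f}

def audit(parent_text, child_text, is_dir):
    """Return (missing, unexpected) ACEs on the child, ignoring child flags."""
    want = expected_child(parse_acl(parent_text), is_dir)
    have = {(w, p, k) for w, p, _, k in parse_acl(child_text)}
    return want - have, have - want

# Sample input copied from the getfacl output in the ticket above.
PARENT = """
        owner@:rwxpDdaARWcCos:fd----:allow
        group@:rwxpDdaARWcCos:fd----:allow
     everyone@:------a-R-c--s:------:allow
"""
SHELL_DIR = """
        owner@:rwxpDdaARWcCos:fd----:allow
        group@:rwxpDdaARWcCos:fd----:allow
"""
AFP_DIR = """
        owner@:rwxp--aARWcCos:------:allow
        group@:rwxp--a-R-c--s:------:allow
     everyone@:r-x---a-R-c--s:------:allow
"""

if __name__ == "__main__":
    for name, acl in (("blaa", SHELL_DIR), ("blaa2", AFP_DIR)):
        missing, unexpected = audit(PARENT, acl, is_dir=True)
        print(name, "OK" if not (missing or unexpected) else "MISMATCH")
        for ace in sorted(unexpected):
            print("  unexpected:", ":".join(ace))
```

For `blaa2` the check reports both inherited ACEs as missing and lists the `everyone@` read/execute entry as unexpected, which is the access that did not come from the parent's ACL.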
     
