How to change ACLs on zfs files in Solaris?
-
Check the current ACLs on file1:
# ls -v file1 -rw-r--r-- 1 root root 0 Jun 10 18:05 file1 0:owner@:execute:deny 1:owner@:read_data/write_data/append_data/write_xattr/write_attributes /write_acl/write_owner:allow 2:group@:write_data/append_data/execute:deny 3:group@:read_data:allow 4:everyone@:write_data/append_data/write_xattr/execute/write_attributes /write_acl/write_owner:deny 5:everyone@:read_data/read_xattr/read_attributes/read_acl/synchronize :allow
To grant group@ write_data permissions:
# chmod A2=group@:append_data/execute:deny file1 # chmod A3=group@:read_data/write_data:allow file1
Check:
# ls -v file1 -rw-rw-r-- 1 root root 0 Jun 10 18:27 file1 0:owner@:execute:deny 1:owner@:read_data/write_data/append_data/write_xattr/write_attributes /write_acl/write_owner:allow 2:group@:append_data/execute:deny 3:group@:read_data/write_data:allow 4:everyone@:write_data/append_data/write_xattr/execute/write_attributes /write_acl/write_owner:deny 5:everyone@:read_data/read_xattr/read_attributes/read_acl/synchronize :allow
To revert back to denying write_data permissions for group@ to file1:
# chmod 644 file1 # ls -v file1 -rw-r--r-- 1 root root 0 Jun 10 18:27 file1 0:owner@:execute:deny 1:owner@:read_data/write_data/append_data/write_xattr/write_attributes /write_acl/write_owner:allow 2:group@:write_data/append_data/execute:deny 3:group@:read_data:allow 4:everyone@:write_data/append_data/write_xattr/execute/write_attributes /write_acl/write_owner:deny 5:everyone@:read_data/read_xattr/read_attributes/read_acl/synchronize :allow
For a compact output:
# ls -dV test_pool drwxr-xr-x 6 root root 6 Jun 8 21:36 test_pool owner@:--------------:------:deny owner@:rwxp---A-W-Co-:------:allow group@:-w-p----------:------:deny group@:r-x-----------:------:allow everyone@:-w-p---A-W-Co-:------:deny everyone@:r-x---a-R-c--s:------:allow
© Lightnetics 2024