12288 getfacl and setfacl could stand improvement
--- old/usr/src/man/man1/getfacl.1.man.txt
+++ new/usr/src/man/man1/getfacl.1.man.txt
1 1 GETFACL(1) User Commands GETFACL(1)
2 2
3 3
4 4
5 5 NAME
6 6 getfacl - display discretionary file information
7 7
8 8 SYNOPSIS
9 9 getfacl [-ad] file...
10 10
11 11
12 12 DESCRIPTION
13 13 For each argument that is a regular file, special file, or named pipe,
14 14 the getfacl utility displays the owner, the group, and the Access
15 15 Control List (ACL). For each directory argument, getfacl displays the
16 16 owner, the group, and the ACL and/or the default ACL. Only directories
17 17 contain default ACLs.
18 18
19 19
20 + The getfacl utility will fail if executed on a file system that
21 + supports NFSv4 ACLs. See acl(5) for a description of the difference
22 + between the older POSIX-draft ACLs and the newer NFSv4 ACLs. The ls(1)
23 + utility, when used with the -v or -V options, will display ACLs on all
24 + types of file system.
25 +
26 +
20 27 The getfacl utility may be executed on a file system that does not
21 28 support ACLs. It reports the ACL based on the base permission bits.
22 29
23 30
24 31 With no options specified, getfacl displays the filename, the file
25 32 owner, the file group owner, and both the ACL and the default ACL, if
26 33 it exists.
27 34
28 35 OPTIONS
29 36 The following options are supported:
30 37
31 38 -a
32 39 Displays the filename, the file owner, the file group owner, and
33 40 the ACL of the file.
34 41
35 42
36 43 -d
37 44 Displays the filename, the file owner, the file group owner, and
38 45 the default ACL of the file, if it exists.
39 46
40 47
41 48 OPERANDS
42 49 The following operands are supported:
43 50
44 51 file
45 52 The path name of a regular file, special file, or named pipe.
46 53
47 54
48 55 OUTPUT
49 56 The format for ACL output is as follows:
50 57
51 58 # file: filename
52 59 # owner: uid
53 60 # group: gid
54 61 user::perm
55 62 user:uid:perm
56 63 group::perm
57 64 group:gid:perm
58 65 mask:perm
59 66 other:perm
60 67 default:user::perm
61 68 default:user:uid:perm
62 69 default:group::perm
63 70 default:group:gid:perm
64 71 default:mask:perm
65 72 default:other:perm
66 73
67 74
68 75
69 76
70 77 When multiple files are specified on the command line, a blank line
71 78 separates the ACLs for each file.
72 79
73 80
74 81 The ACL entries are displayed in the order in which they are evaluated
75 82 when an access check is performed. The default ACL entries that may
76 83 exist on a directory have no effect on access checks.
77 84
78 85
79 86 The first three lines display the filename, the file owner, and the
80 87 file group owner. Notice that when only the -d option is specified and
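Review bot: The paragraph added at new lines 20-24 says getfacl "will fail" on a file system that supports NFSv4 ACLs, but it does not say how that failure shows up, and none of the sections visible on this page describe an exit status or diagnostic. The paragraph that follows it promises an ACL derived from the base permission bits on a file system with no ACL support, so a reader could reasonably expect the same fallback here. I would say explicitly whether anything is printed in the NFSv4 case and what error the user sees, and keep the ls -v / -V pointer next to that statement, since it is what anyone auditing permissions on such a file system needs.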
81 88 the file has no default ACL, only these three lines are displayed.
82 89
83 90
84 91 The user entry without a user ID indicates the permissions that are
85 92 granted to the file owner. One or more additional user entries indicate
86 93 the permissions that are granted to the specified users.
87 94
88 95
89 96 The group entry without a group ID indicates the permissions that are
90 97 granted to the file group owner. One or more additional group entries
91 - indicate the permissions that are granted to the specified groups.
98 + indicate the permissions that are granted to the specified groups.
92 99
93 100
94 101 The mask entry indicates the ACL mask permissions. These are the
95 102 maximum permissions allowed to any user entries except the file owner,
96 103 and to any group entries, including the file group owner. These
97 104 permissions restrict the permissions specified in other entries.
98 105
99 106
100 107 The other entry indicates the permissions that are granted to others.
101 108
102 109
103 110 The default entries may exist only for directories. These entries
104 111 indicate the default entries that are added to a file created within
105 112 the directory.
106 113
107 114
108 115 The uid is a login name or a user ID if there is no entry for the uid
109 116 in the system password file, /etc/passwd. The gid is a group name or a
110 117 group ID if there is no entry for the gid in the system group file,
111 118 /etc/group. The perm is a three character string composed of the
112 119 letters representing the separate discretionary access rights: r
113 120 (read), w (write), x (execute/search), or the place holder character -.
114 121 The perm is displayed in the following order: rwx. If a permission is
115 122 not granted by an ACL entry, the place holder character appears.
116 123
117 124
118 - If you use the chmod(1) command to change the file group owner
125 + If you use the chmod(1) command to change the file group owner
119 126 permissions on a file with ACL entries, both the file group owner
120 127 permissions and the ACL mask are changed to the new permissions. Be
121 128 aware that the new ACL mask permissions may change the effective
122 129 permissions for additional users and groups who have ACL entries on the
123 130 file.
124 131
125 132
126 - In order to indicate that the ACL mask restricts an ACL entry, getfacl
133 + In order to indicate that the ACL mask restricts an ACL entry, getfacl
127 134 displays an additional tab character, pound sign (#), and the actual
128 135 permissions granted, following the entry.
129 136
130 137 EXAMPLES
131 138 Example 1 Displaying file information
132 139
133 140
134 141 Given file foo, with an ACL six entries long, the command
135 142
136 143
137 144 host% getfacl foo
138 145
139 146
140 147
141 148
142 149 would print:
143 150
144 151
145 152 # file: foo
146 153 # owner: shea
147 154 # group: staff
148 155 user::rwx
149 156 user:spy:---
150 157 user:mookie:r--
151 158 group::r--
152 159 mask::rw-
153 160 other::---
154 161
155 162
156 163
157 164 Example 2 Displaying information after chmod command
158 165
159 166
160 167 Continue with the above example, after chmod 700 foo was issued:
161 168
162 169
163 170 host% getfacl foo
164 171
165 172
166 173
167 174
168 175 would print:
169 176
170 177
171 178 # file: foo
172 179 # owner: shea
173 180 # group: staff
174 181 user::rwx
175 182 user:spy:---
176 183 user:mookie:r-- #effective:---
177 184 group::---
178 185 mask::---
179 186 other::---
180 187
181 188
182 189
183 190 Example 3 Displaying information when ACL contains default entries
184 191
185 192
186 193 Given directory doo, with an ACL containing default entries, the
187 194 command
188 195
189 196
190 197 host% getfacl -d doo
191 198
192 199
193 200
194 201
195 202 would print:
196 203
197 204
198 205 # file: doo
199 206 # owner: shea
200 207 # group: staff
201 208 default:user::rwx
202 209 default:user:spy:---
203 210 default:user:mookie:r--
204 211 default:group::r--
205 212 default:mask::---
206 213 default:other::---
207 214
208 215
209 216
210 217 FILES
211 218 /etc/passwd
212 219 system password file
213 220
214 221
215 222 /etc/group
216 223 group file
217 224
218 225
219 226 ATTRIBUTES
220 227 See attributes(5) for descriptions of the following attributes:
221 228
222 229
223 230
224 231
225 232 +--------------------+-----------------+
226 233 | ATTRIBUTE TYPE | ATTRIBUTE VALUE |
227 234 +--------------------+-----------------+
228 235 |Interface Stability | Evolving |
229 236 +--------------------+-----------------+
230 237
231 238 SEE ALSO
232 239 chmod(1), ls(1), setfacl(1), acl(2), aclsort(3SEC), group(4),
233 - passwd(4), attributes(5)
240 + passwd(4), acl(5), attributes(5)
234 241
235 242 NOTES
236 243 The output from getfacl is in the correct format for input to the
237 244 setfacl -f command. If the output from getfacl is redirected to a file,
238 245 the file may be used as input to setfacl. In this way, a user may
239 246 easily assign one file's ACL to another file.
240 247
241 248
242 249
243 - November 5, 1994 GETFACL(1)
250 + February 8, 2020 GETFACL(1)
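Review bot: The NOTES text at new lines 243-246 still presents redirecting getfacl output into setfacl -f as a general way to assign one file's ACL to another, which no longer matches DESCRIPTION now that it says getfacl fails on file systems that support NFSv4 ACLs. I would qualify NOTES to file systems with POSIX-draft ACLs. The acl(5) addition to SEE ALSO is consistent with the new reference in DESCRIPTION.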