facl-gate Cdiff usr/src/man/man1/setfacl.1

Print this page

12288 getfacl and setfacl could stand improvement


*** 1,15 ****
  '\" te
  .\"  Copyright (c) 2006, Sun Microsystems, Inc. All Rights Reserved
  .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License").  You may not use this file except in compliance with the License.
  .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.  See the License for the specific language governing permissions and limitations under the License.
  .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE.  If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
! .TH SETFACL 1 "Dec 19, 2006"
  .SH NAME
  setfacl \- modify the Access Control List (ACL) for a file or files
  .SH SYNOPSIS
- .LP
  .nf
  \fBsetfacl\fR [\fB-r\fR] \fB-s\fR \fIacl_entries\fR \fIfile\fR
  .fi
  
  .LP
--- 1,15 ----
  '\" te
  .\"  Copyright (c) 2006, Sun Microsystems, Inc. All Rights Reserved
+ .\" Copyright (c) 2020 Peter Tribble.
  .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License").  You may not use this file except in compliance with the License.
  .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.  See the License for the specific language governing permissions and limitations under the License.
  .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE.  If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
! .TH SETFACL 1 "Feb 8, 2020"
  .SH NAME
  setfacl \- modify the Access Control List (ACL) for a file or files
  .SH SYNOPSIS
  .nf
  \fBsetfacl\fR [\fB-r\fR] \fB-s\fR \fIacl_entries\fR \fIfile\fR
  .fi
  
  .LP
*** 21,38 ****
  .nf
  \fBsetfacl\fR [\fB-r\fR] \fB-f\fR \fIacl_file\fR \fIfile\fR
  .fi
  
  .SH DESCRIPTION
- .sp
- .LP
  For each file specified, \fBsetfacl\fR either replaces its entire \fBACL\fR,
  including the default \fBACL\fR on a directory, or it adds, modifies, or
  deletes one or more \fBACL\fR entries, including default entries on
  directories.
  .sp
  .LP
  When the \fBsetfacl\fR command is used, it can result in changes to the file
  permission bits. When the user \fBACL\fR entry for the file owner is changed,
  the file owner class permission bits are modified. When the group \fBACL\fR
  entry for the file group class is changed, the file group class permission bits
  are modified. When the other \fBACL\fR entry is changed, the file other class
--- 21,42 ----
  .nf
  \fBsetfacl\fR [\fB-r\fR] \fB-f\fR \fIacl_file\fR \fIfile\fR
  .fi
  
  .SH DESCRIPTION
  For each file specified, \fBsetfacl\fR either replaces its entire \fBACL\fR,
  including the default \fBACL\fR on a directory, or it adds, modifies, or
  deletes one or more \fBACL\fR entries, including default entries on
  directories.
  .sp
  .LP
+ The \fBsetfacl\fR utility can only manipulate POSIX-draft \fBACL\fRs.  See
+ \fBacl\fR(5) for a description of the difference between the older POSIX-draft
+ \fBACL\fRs and the newer NFSv4 \fBACL\fRs.  The \fBchmod\fR(1) utility can
+ be used to manipulate \fBACL\fRs on all types of file system.
+ .sp
+ .LP
  When the \fBsetfacl\fR command is used, it can result in changes to the file
  permission bits. When the user \fBACL\fR entry for the file owner is changed,
  the file owner class permission bits are modified. When the group \fBACL\fR
  entry for the file group class is changed, the file group class permission bits
  are modified. When the other \fBACL\fR entry is changed, the file other class
*** 61,72 ****
  Use the \fBsetfacl\fR command to set ACLs on files in a UFS file system, which
  supports POSIX-draft ACLS (or \fBaclent_t\fR style ACLs). Use the \fBchmod\fR
  command to set ACLs on files in a ZFS file system, which supports NFSv4-style
  ACLS (or \fBace_t\fR style ACLs).
  .SS "\fIacl_entries\fR Syntax"
- .sp
- .LP
  For the \fB-m\fR and \fB-s\fR options, \fIacl_entries\fR are one or more
  comma-separated \fBACL\fR entries.
  .sp
  .LP
  An \fBACL\fR entry consists of the following fields separated by colons:
--- 65,74 ----
*** 146,157 ****
  .LP
  For the \fB-d\fR option, \fIacl_entries\fR are one or more comma-separated
  \fBACL\fR entries without permissions. Notice that the entries for file owner,
  file group owner, \fBACL\fR mask, and others can not be deleted.
  .SH OPTIONS
- .sp
- .LP
  The options have the following meaning:
  .sp
  .ne 2
  .na
  \fB\fB-d\fR \fIacl_entries\fR\fR
--- 148,157 ----
*** 291,301 ****
  \fBdefault user\fR entries with the same \fIuid\fR, or duplicate \fBdefault
  group\fR entries with the same \fIgid\fR.
  .RE
  
  .SH EXAMPLES
- .LP
  \fBExample 1 \fRAdding read permission only
  .sp
  .LP
  The following example adds one \fBACL\fR entry to file \fBabc\fR, which gives
  user \fBshea\fR read permission only.
--- 291,300 ----
*** 351,361 ****
  .fi
  .in -2
  .sp
  
  .SH FILES
- .sp
  .ne 2
  .na
  \fB\fB/etc/passwd\fR\fR
  .ad
  .RS 15n
--- 350,359 ----
*** 370,378 ****
  .RS 15n
  group file
  .RE
  
  .SH SEE ALSO
- .sp
- .LP
  \fBchmod\fR(1), \fBgetfacl\fR(1), \fBumask\fR(1), \fBaclcheck\fR(3SEC),
! \fBaclsort\fR(3SEC), \fBgroup\fR(4), \fBpasswd\fR(4), \fBattributes\fR(5)
--- 368,375 ----
  .RS 15n
  group file
  .RE
  
  .SH SEE ALSO
  \fBchmod\fR(1), \fBgetfacl\fR(1), \fBumask\fR(1), \fBaclcheck\fR(3SEC),
! \fBaclsort\fR(3SEC), \fBgroup\fR(4), \fBpasswd\fR(4), \fBacl\fR(5),
! \fBattributes\fR(5)