facl-gate Udiff usr/src/man/man1/setfacl.1

Print this page

12288 getfacl and setfacl could stand improvement

@@ -1,15 +1,15 @@
 '\" te
 .\"  Copyright (c) 2006, Sun Microsystems, Inc. All Rights Reserved
+.\" Copyright (c) 2020 Peter Tribble.
 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License").  You may not use this file except in compliance with the License.
 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.  See the License for the specific language governing permissions and limitations under the License.
 .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE.  If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
-.TH SETFACL 1 "Dec 19, 2006"
+.TH SETFACL 1 "Feb 8, 2020"
 .SH NAME
 setfacl \- modify the Access Control List (ACL) for a file or files
 .SH SYNOPSIS
-.LP
 .nf
 \fBsetfacl\fR [\fB-r\fR] \fB-s\fR \fIacl_entries\fR \fIfile\fR
 .fi
 
 .LP

@@ -21,18 +21,22 @@
 .nf
 \fBsetfacl\fR [\fB-r\fR] \fB-f\fR \fIacl_file\fR \fIfile\fR
 .fi
 
 .SH DESCRIPTION
-.sp
-.LP
 For each file specified, \fBsetfacl\fR either replaces its entire \fBACL\fR,
 including the default \fBACL\fR on a directory, or it adds, modifies, or
 deletes one or more \fBACL\fR entries, including default entries on
 directories.
 .sp
 .LP
+The \fBsetfacl\fR utility can only manipulate POSIX-draft \fBACL\fRs.  See
+\fBacl\fR(5) for a description of the difference between the older POSIX-draft
+\fBACL\fRs and the newer NFSv4 \fBACL\fRs.  The \fBchmod\fR(1) utility can
+be used to manipulate \fBACL\fRs on all types of file system.
+.sp
+.LP
 When the \fBsetfacl\fR command is used, it can result in changes to the file
 permission bits. When the user \fBACL\fR entry for the file owner is changed,
 the file owner class permission bits are modified. When the group \fBACL\fR
 entry for the file group class is changed, the file group class permission bits
 are modified. When the other \fBACL\fR entry is changed, the file other class

@@ -61,12 +65,10 @@
 Use the \fBsetfacl\fR command to set ACLs on files in a UFS file system, which
 supports POSIX-draft ACLS (or \fBaclent_t\fR style ACLs). Use the \fBchmod\fR
 command to set ACLs on files in a ZFS file system, which supports NFSv4-style
 ACLS (or \fBace_t\fR style ACLs).
 .SS "\fIacl_entries\fR Syntax"
-.sp
-.LP
 For the \fB-m\fR and \fB-s\fR options, \fIacl_entries\fR are one or more
 comma-separated \fBACL\fR entries.
 .sp
 .LP
 An \fBACL\fR entry consists of the following fields separated by colons:

@@ -146,12 +148,10 @@
 .LP
 For the \fB-d\fR option, \fIacl_entries\fR are one or more comma-separated
 \fBACL\fR entries without permissions. Notice that the entries for file owner,
 file group owner, \fBACL\fR mask, and others can not be deleted.
 .SH OPTIONS
-.sp
-.LP
 The options have the following meaning:
 .sp
 .ne 2
 .na
 \fB\fB-d\fR \fIacl_entries\fR\fR

@@ -291,11 +291,10 @@
 \fBdefault user\fR entries with the same \fIuid\fR, or duplicate \fBdefault
 group\fR entries with the same \fIgid\fR.
 .RE
 
 .SH EXAMPLES
-.LP
 \fBExample 1 \fRAdding read permission only
 .sp
 .LP
 The following example adds one \fBACL\fR entry to file \fBabc\fR, which gives
 user \fBshea\fR read permission only.

@@ -351,11 +350,10 @@
 .fi
 .in -2
 .sp
 
 .SH FILES
-.sp
 .ne 2
 .na
 \fB\fB/etc/passwd\fR\fR
 .ad
 .RS 15n

@@ -370,9 +368,8 @@
 .RS 15n
 group file
 .RE
 
 .SH SEE ALSO
-.sp
-.LP
 \fBchmod\fR(1), \fBgetfacl\fR(1), \fBumask\fR(1), \fBaclcheck\fR(3SEC),
-\fBaclsort\fR(3SEC), \fBgroup\fR(4), \fBpasswd\fR(4), \fBattributes\fR(5)
+\fBaclsort\fR(3SEC), \fBgroup\fR(4), \fBpasswd\fR(4), \fBacl\fR(5),
+\fBattributes\fR(5)