I have a user who deploys an application using a common user ID and script. For security reasons, we are trying to get them off this common ID. However their deployment scripts fail to remove files other than the ones they themselves (user) deploy. Thus the team resorts to a common ID.
My solution was to use ACL to grant RWX to all members of the group on the file system. This works after I set the command: setfacl -R -m g:guid:rwx /file/system and setfacl -R -m -d g:guid:rwx /file/system for the default value. When I display (getfacl) these values, they are verified as still correct. However after they expand their zip file again during the deployment, the files are no longer removable (permission denied) by any other member of the group except for the user completing the deployment. And the ACL values are still the same for the file system. The files are created by the developers on a Windows platform to be deployed on linux. Before: group:groupname:rwx After redeployment: group:groupname:rwx #effective:r-x <==(I need the write) How can I resolve this without having to rerun the setfacl command again? James Chaplin Systems Programmer, MVS, zVM & zLinux Base Technologies, Inc Supporting the zSeries Platform Team ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
