On my opensolaris file storage machine files created in one zfs file system
which is then subsequently moved to another gets an extra acl applied from
somewhere. The problem with the newly applied acl is that the files are no
longer readable from the network share. The way to resolve this is to access
the server and execute a chmod -Rf A- which removes all of the extra and not
required acls. The problem is I can not find where these file permissions are
coming from. When I create a file in either of the file systems using touch,
the files have this set of permissions
0:owner@:execute:deny
1:owner@:read_data/write_data/append_data/write_xattr/write_attributes
/write_acl/write_owner:allow
2:group@:write_data/append_data/execute:deny
3:group@:read_data:allow
4:everyone@:write_data/append_data/write_xattr/execute/write_attributes
/write_acl/write_owner:deny
5:everyone@:read_data/read_xattr/read_attributes/read_acl/synchronize
:allow
This group of permissions looks like the standard ones applied to user and
group permissions. Now the files that are moved have the permissions below.
0:owner@:read_data/write_data/append_data/read_attributes
/write_attributes/read_acl/write_acl/synchronize:allow
1:owner@:execute:deny
2:group@:write_data/append_data/execute/write_attributes/write_acl:deny
3:group@:read_data/read_attributes/read_acl/synchronize:allow
4:group@:write_data/append_data/execute/write_attributes/write_acl:deny
5:everyone@:read_data/read_attributes/read_acl/synchronize:allow
6:everyone@:write_data/append_data/execute/write_attributes/write_acl
:deny
I have tried removing all of the acls from the file systems by executing the
chmod command in the roots of the file systems but it has not worked. Can
anyone provide any suggestions. Also how do you use chmod on a directory only
not the files?
--
This message posted from opensolaris.org
