1 | .\" Copyright (C) 2001, 2002, 2004 Silicon Graphics, Inc. All rights reserved. |
---|
2 | .\" |
---|
3 | .\" This is free documentation; you can redistribute it and/or |
---|
4 | .\" modify it under the terms of the GNU General Public License as |
---|
5 | .\" published by the Free Software Foundation; either version 2 of |
---|
6 | .\" the License, or (at your option) any later version. |
---|
7 | .\" |
---|
8 | .\" The GNU General Public License's references to "object code" |
---|
9 | .\" and "executables" are to be interpreted as the output of any |
---|
10 | .\" document formatting or typesetting system, including |
---|
11 | .\" intermediate and printed output. |
---|
12 | .\" |
---|
13 | .\" This manual is distributed in the hope that it will be useful, |
---|
14 | .\" but WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
15 | .\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
---|
16 | .\" GNU General Public License for more details. |
---|
17 | .\" |
---|
18 | .\" You should have received a copy of the GNU General Public |
---|
19 | .\" License along with this manual. If not, see |
---|
20 | .\" <http://www.gnu.org/licenses/>. |
---|
21 | .\" |
---|
22 | .TH CHACL 1 "ACL File Utilities" "September 2001" "Access Control Lists" |
---|
23 | .SH NAME |
---|
24 | chacl \- change the access control list of a file or directory |
---|
25 | .SH SYNOPSIS |
---|
26 | .B chacl acl pathname... |
---|
27 | .br |
---|
28 | .B chacl \-b acl dacl pathname... |
---|
29 | .br |
---|
30 | .B chacl \-d dacl pathname... |
---|
31 | .br |
---|
32 | .B chacl \-R pathname... |
---|
33 | .br |
---|
34 | .B chacl \-D pathname... |
---|
35 | .br |
---|
36 | .B chacl \-B pathname... |
---|
37 | .br |
---|
38 | .B chacl \-l pathname... |
---|
39 | .br |
---|
40 | .B chacl \-r pathname... |
---|
41 | .br |
---|
42 | .SH DESCRIPTION |
---|
43 | .I chacl |
---|
44 | is an IRIX-compatibility command, and is maintained for those |
---|
45 | users who are familiar with its use from either XFS or IRIX. |
---|
46 | Refer to the |
---|
47 | .B "SEE ALSO" |
---|
48 | section below for a description of tools |
---|
49 | which conform more closely to the (withdrawn draft) POSIX 1003.1e |
---|
50 | standard which describes Access Control Lists (ACLs). |
---|
51 | .PP |
---|
52 | .I chacl |
---|
53 | changes the ACL(s) for a file or directory. |
---|
54 | The ACL(s) specified are applied to each file in the \f4pathname\f1 arguments. |
---|
55 | .P |
---|
56 | Each ACL is a string which is interpreted using the |
---|
57 | .IR acl_from_text (3) |
---|
58 | routine. |
---|
59 | These strings are made up of comma separated clauses each of which |
---|
60 | is of the form, tag:name:perm. Where \f4tag\fP can be: |
---|
61 | .TP |
---|
62 | "user" (or "u") |
---|
63 | indicating that the entry is a user ACL entry. |
---|
64 | .TP |
---|
65 | "group" (or "g") |
---|
66 | indicating that the entry is a group ACL entry. |
---|
67 | .TP |
---|
68 | "other" (or "o") |
---|
69 | indicating that the entry is an other ACL entry. |
---|
70 | .TP |
---|
71 | "mask" (or "m") |
---|
72 | indicating that the entry is a mask ACL entry. |
---|
73 | .P |
---|
74 | \f4name\fP is a string which is the user or group name for the ACL entry. |
---|
75 | A null \f4name\fP in a user or group ACL entry indicates the file's |
---|
76 | owner or file's group. |
---|
77 | \f4perm\fP is the string "rwx" where each of the entries may be replaced |
---|
78 | by a "\-" indicating no access of that type, e.g. "r\-x", "\-\-x", "\-\-\-". |
---|
79 | .SH OPTIONS |
---|
80 | .TP |
---|
81 | .B \-b |
---|
82 | Indicates that there are two ACLs to change, the first is the |
---|
83 | file access ACL and the second the directory default ACL. |
---|
84 | .TP |
---|
85 | .B \-d |
---|
86 | Used to set only the default ACL of a directory. |
---|
87 | .TP |
---|
88 | .B \-R |
---|
89 | Removes the file access ACL only. |
---|
90 | .TP |
---|
91 | .B \-D |
---|
92 | Removes directory default ACL only. |
---|
93 | .TP |
---|
94 | .B \-B |
---|
95 | Remove all ACLs. |
---|
96 | .TP |
---|
97 | .B \-l |
---|
98 | Lists the access ACL and possibly the default ACL associated |
---|
99 | with the specified files or directories. This option was added |
---|
100 | during the Linux port of XFS, and is not IRIX compatible. |
---|
101 | .TP |
---|
102 | .B \-r |
---|
103 | Set the access ACL recursively for each subtree rooted at \f4pathname\f1(s). |
---|
104 | This option was also added during the Linux port of XFS, and is not |
---|
105 | compatible with IRIX. |
---|
106 | .SH EXAMPLES |
---|
107 | A minimum ACL: |
---|
108 | .PP |
---|
109 | .nf |
---|
110 | \f3chacl u::rwx,g::r-x,o::r-- file\fP |
---|
111 | .fi |
---|
112 | .PP |
---|
113 | The file ACL is set so that the file's owner has "rwx", the file's |
---|
114 | group has read and execute, and others have read only access to the file. |
---|
115 | .P |
---|
116 | An ACL that is not a minimum ACL, that is, one that specifies |
---|
117 | a user or group other than the file's owner or owner's group, |
---|
118 | must contain a mask entry: |
---|
119 | .PP |
---|
120 | .nf |
---|
121 | \f4chacl u::rwx,g::r-x,o::r--,u:bob:r--,m::r-x file1 file2\fP |
---|
122 | .fi |
---|
123 | .PP |
---|
124 | To set the default and access ACLs on \f4newdir\f1 to be the |
---|
125 | same as on \f4olddir\f1, you could type: |
---|
126 | .PP |
---|
127 | .nf |
---|
128 | \f4chacl \-b `chacl \-l olddir | \\ |
---|
129 | sed \-e 's/.*\\[//' \-e 's#/# #' \-e 's/]$//'` newdir |
---|
130 | \fP |
---|
131 | .fi |
---|
132 | .SH CAUTIONS |
---|
133 | .I chacl |
---|
134 | can replace the existing ACL. To add or delete entries, you |
---|
135 | must first do \f4chacl \-l\fP to get the existing ACL, and use the output |
---|
136 | to form the arguments to |
---|
137 | .IR chacl . |
---|
138 | .P |
---|
139 | Changing the permission bits of a file will change the file access |
---|
140 | ACL settings (see |
---|
141 | .IR chmod (1)). |
---|
142 | However, file creation mode masks (see |
---|
143 | .IR umask (1)) |
---|
144 | will not affect the access ACL settings of files created using directory |
---|
145 | default ACLs. |
---|
146 | .P |
---|
147 | ACLs are filesystem extended attributes and hence are not typically |
---|
148 | archived or restored using the conventional archiving utilities. |
---|
149 | See |
---|
150 | .IR attr (5) |
---|
151 | for more information about extended attributes and see |
---|
152 | .IR xfsdump (8) |
---|
153 | for a method of backing them up under XFS. |
---|
154 | .SH SEE ALSO |
---|
155 | .BR getfacl "(1), " setfacl "(1), " chmod "(1), " umask "(1), " acl_from_text "(3), " acl "(5), " xfsdump (8) |
---|