1DPNS-SETACL(1) DPNS User Commands DPNS-SETACL(1)
2
6 dpns-setacl - set DPNS directory/file access control lists
7
9 dpns-setacl [-d] [-m] [-s] acl_entries path...
10
12 dpns-setacl sets the Access Control List associated with a DPNS direc‐
13 tory/file.
14 acl_entries is a comma separated list of entries. Each entry has colon
16 separated fields: ACL type, id (uid or gid), permission. Only directo‐
17 ries can have default ACL entries.
18 The entries look like:
20 user::perm
22 user:uid:perm
23 group::perm
24 group:gid:perm
25 mask:perm
26 other:perm
27 default:user::perm
28 default:user:uid:perm
29 default:group::perm
30 default:group:gid:perm
31 default:mask:perm
32 default:other:perm
33 The ACL type can be abbreviated to the first letter. The first "user"
35 entry gives the permissions granted to the owner of the file. The fol‐
36 lowing "user" entries show the permissions granted to specific users,
37 they are sorted in ascending order of uid. The first "group" entry
38 gives the permissions granted to the group owner of the file. The fol‐
39 lowing "group" entries show the permissions granted to specific groups,
40 they are sorted in ascending order of gid. The "mask" entry is the
41 maximum permission granted to specific users or groups. It does not
42 affect the "owner" and "other" permissions. The "mask" entry must be
43 present if there are specific "user" or "group" entries. "default"
44 entries associated with a directory are inherited as access ACL by the
45 files or sub-directories created in that directory. The umask is not
46 used. Sub-directories also inherit the default ACL as default ACL. As
47 soon as there is one default ACL entry, the 3 default ACL base entries
48 (default user, default group, default other) must be present.
49 The entry processing conforms to the Posix 1003.1e draft standard 17.
51 The effective user ID of the process must match the owner of the file
53 or the caller must have ADMIN privilege in the Cupv database.
54 path specifies the DPNS pathname. If path does not start with /, it
56 is prefixed by the content of the DPNS_HOME environment vari‐
57 able.
58 uid can be given as the username or the corresponding numeric id.
60 gid can be given as the groupname or the corresponding numeric id.
62 perm can be expressed as a combination of characters rwx- or as a
64 value between 0 and 7.
65
67 -d remove ACL entries. The "perm" field is ignored.
68 -m modify existing ACL entries or add new entries.
70 -s set the ACL entries. The complete set of ACL entries is
72 replaced.
73
75 Let's create a directory:
76 dpns-mkdir /dpm/dteam/test/file.log/d6
77 and add write permission for user bcouturi:
78 dpns-setacl -m u:bcouturi:rwx,m:rwx /dpm/dteam/test/file.log/d6
79 Let's create a directory:
80 dpns-mkdir /dpm/dteam/test/file.log/d7
81 and add default ACLs to it:
82 dpns-setacl -m d:u::7,d:g::7,d:o:5 /dpm/dteam/test/file.log/d7
83 Let's check the resulting ACLs:
84 dpns-getacl /dpm/dteam/test/file.log/d7
85 # file: /dpm/dteam/test/file.log/d7
86 # owner: baud
87 # group: c3
88 user::rwx
89 group::r-x #effective:r-x
90 other::r-x
91 default:user::rwx
92 default:group::rwx
93 default:other::r-x
94 Let's create a sub-directory and check the resulting ACLs:
96 dpns-mkdir /dpm/dteam/test/file.log/d7/d2
97 dpns-getacl /dpm/dteam/test/file.log/d7/d2
98 # file: /dpm/dteam/test/file.log/d7/d2
99 # owner: baud
100 # group: c3
101 user::rwx
102 group::rwx #effective:rwx
103 other::r-x
104 default:user::rwx
105 default:group::rwx
106 default:other::r-x
107 Let's create a file in the same directory and check the resulting ACLs:
109 dpns-touch /dpm/dteam/test/file.log/d7/f2
110 dpns-getacl /dpm/dteam/test/file.log/d7/f2
111 # file: /dpm/dteam/test/file.log/d7/f2
112 # owner: baud
113 # group: c3
114 user::rw-
115 group::rw- #effective:rw-
116 other::r--
117
119 This program returns 0 if the operation was successful or >0 if the
120 operation failed.
121
123 Castor_limits(4), dpns_chmod(3), dpns_chown(3), Cupvlist(1)
124
126 LCG Grid Deployment Team
127DPNS $Date: 2003/08/26 06:21:13 $ DPNS-SETACL(1)