1NFS4_SETFACL(1) NFSv4 Access Control Lists NFS4_SETFACL(1)
2
6 nfs4_setfacl, nfs4_editfacl - manipulate NFSv4 file/directory access
7 control lists
8
10 nfs4_setfacl [OPTIONS] COMMAND file...
11 nfs4_editfacl [OPTIONS] file...
12
14 nfs4_setfacl manipulates the NFSv4 Access Control List (ACL) of one or
15 more files (or directories), provided they are on a mounted NFSv4
16 filesystem which supports ACLs.
17 nfs4_editfacl is equivalent to nfs4_setfacl -e.
19 Information about NFSv4 ACL terminology and syntax can be found in the
21 nfs4_acl(5) manpage.
22 COMMANDS
24 -a acl_spec [index]
25 add the ACEs from acl_spec to file's ACL. ACEs are inserted
26 starting at the indexth position (DEFAULT: 1) of file's ACL.
27 -A acl_file [index]
29 add the ACEs from the acl_spec in acl_file to file's ACL. ACEs
30 are inserted starting at the indexth position (DEFAULT: 1) of
31 file's ACL.
32 -x acl_spec | index
34 delete ACEs matched from acl_spec - or delete the indexth ACE -
35 from file's ACL.
36 -X acl_file
38 delete ACEs matched from the acl_spec in acl_file from file's
39 ACL.
40 -s acl_spec
42 set file's ACL to acl_spec.
43 -S acl_file
45 set file's ACL to the acl_spec in acl_file.
46 -e, --edit
48 edit file's ACL in the editor defined in the EDITOR environment
49 variable (DEFAULT: vi(1)) and set the resulting ACL upon a clean
50 exit, assuming changes made in the editor were saved. Note that
51 if multiple files are specified, the editor will be serially
52 invoked once per file.
53 -m from_ace to_ace
55 modify file's ACL in-place by replacing from_ace with to_ace.
56 -?, -h, --help
58 display help text and exit.
59 --more-help
61 display extra help text and exit. DEPRECATED: going away since
62 there's a manpage.
63 --version
65 display this program's version and exit.
66 NOTE: if '-' is given as the acl_file with the -A/-X/-S flags, the
68 acl_spec will be read from stdin.
69 OPTIONS
71 --test display results of COMMAND, but do not save changes.
72 -R (unimplemented)
74 recursively apply to a directory's files and subdirectories.
75
77 Assume that the file `foo' has the following NFSv4 ACL for each of the
78 following examples:
79 A::OWNER@:rwatTnNcCy
81 D::OWNER@:x
82 A:g:GROUP@:rtncy
83 D:g:GROUP@:waxTC
84 A::EVERYONE@:rtncy
85 D::EVERYONE@:waxTC
86 - add ACE granting `alice@nfsdomain.org' generic "read" and "execute"
88 access (defaults to prepending ACE to ACL):
89 $ nfs4_setfacl -a A::alice@nfsdomain.org:rxtncy foo
90 - delete the first ACE, but only print the resulting ACL (does not save
92 changes):
93 $ nfs4_setfacl --test -x 1 foo
94 - edit existing ACL in a text editor and set modified ACL on clean
96 save/exit:
97 $ nfs4_setfacl -e foo
98 - set ACL (overwrites original) to contents of a spec_file named
100 `newacl.spec':
101 $ nfs4_setfacl -S newacl.spec foo
102 - delete the fifth and sixth ACEs above:
104 $ nfs4_setfacl -x "A::EVERYONE@rtncy, D::EVERYONE@:waxTC" foo
105 - modify (in-place) the second ACE above:
107 $ nfs4_setfacl -m D::OWNER@:x D::OWNER@:xo foo
108 - set ACLs of `bar' and `frobaz' to ACL of `foo':
110 $ nfs4_getfacl foo | nfs4_setfacl -S - bar frobaz
111
113 nfs4_setfacl was written by people at CITI, the Center for Information
114 Technology Integration (http://www.citi.umich.edu). This manpage was
115 written by David Richter.
116
118 Please send bug reports, feature requests, and comments to
119 <nfsv4@linux-nfs.org>.
120
122 nfs4_getfacl(1), nfs4_acl(5), RFC3530 (NFSv4.0), NFSv4.1 Minor Version
123 Draft.
124Linux version 0.3.1, March 2007 NFS4_SETFACL(1)