Difference between revisions of "ACL"

From Blue-IT.org Wiki

(Backup)
(NFS)
Line 35: Line 35:
  
 
==NFS==
 
==NFS==
Change your ''fstab'' mount options to
+
Change your ''fstab'' mount options. Important is to add '''acl''' in the options part.
 
  nfs_server:/home/exchange /home/your_account/exchange  nfs \
 
  nfs_server:/home/exchange /home/your_account/exchange  nfs \
         rw,rsize=8192,wsize=8192,user,timeo=10,intr,acl 0 0
+
         rw,acl[,...] 0 0
Important here is the '''acl''' in the options part.
 
  
Manually mount like this:
+
''Manually'' mount like this:
  mount -t nfs -o rw,acl \
+
  mount -t nfs -o rw,acl[,...] \
 
     nfs_server:/home/exchange /home/your_account/exchange
 
     nfs_server:/home/exchange /home/your_account/exchange
 +
 +
''[,...]'' stands for e.g. one of these mount options
 +
  rsize=8192,wsize=8192,user,timeo=10,intr,
  
 
==Backup==
 
==Backup==
 
If you like to backup directories or files with ''acl's'', you have to use the '''star''' (a ''tar'' clone) backup utility.
 
If you like to backup directories or files with ''acl's'', you have to use the '''star''' (a ''tar'' clone) backup utility.
 
* [http://cdrecord.berlios.de/new/private/star-acl.html Star ACL]
 
* [http://cdrecord.berlios.de/new/private/star-acl.html Star ACL]

Revision as of 18:51, 25 November 2007

Use Case

Peter, Paul and Mary are working with one directory tree. They share, use and edit the same files. They all belong to the system group users. But the directory the should be able to write on belongs to the group exchange.

/home   |
        /exchange  |
                   /peters_subdir |
                                  /peters_file.txt
                   /pauls_subdir  |
                                  /pauls_file.odf
                   maries_file.doc

Links

Use it

Enable ACL

Enable the ACL's in fstab

/etc/fstab
/home   /dev/hdx   ext3   defaults,exec,acl   1 2

Create a new group exchange

Create the new group exchange. In some cases it could be wise to create a user with the same name too, with its own home directory and the default group exchange. Don't forget to set the default group for the user.

chgrp exchange /home/exchange/
chmod g+s /home/exchange

Add ACL support

Changing the default umask for the certain directory and all subdirectories

setfacl -d -m mask:007 /home/exchange/


Now every file from any user accessing this directory will be readably/writable for the group exchange.

NFS

Change your fstab mount options. Important is to add acl in the options part.

nfs_server:/home/exchange /home/your_account/exchange  nfs \
        rw,acl[,...]  0 0

Manually mount like this:

mount -t nfs -o rw,acl[,...] \
    nfs_server:/home/exchange /home/your_account/exchange

[,...] stands for e.g. one of these mount options

 rsize=8192,wsize=8192,user,timeo=10,intr,

Backup

If you like to backup directories or files with acl's, you have to use the star (a tar clone) backup utility.