 |
 |
Hi, I want to share a directory 'share' between a user 'matevz' and 'xrootd', so I do: [root@mongo user]# mkdir share [root@mongo user]# setfacl -d -m u:matevz:rwX,u:xrootd:rwx,m:rwX share [root@mongo user]# setfacl -m u:matevz:rwX,u:xrootd:rwx,m:rwX share [root@mongo user]# getfacl share/ # file: share/ # owner: root # group: root user::rwx user:xrootd:rwx user:matevz:rwx group::r-x mask::rwx other::r-x default:user::rwx default:user:xrootd:rwx default:user:matevz:rwx default:group::r-x default:mask::rwx default:other::r-x [root@mongo user]# ll -d share drwxrwxr-x+ 4 root root 4 Aug 19 15:35 share Then I go to share as matevz and create directory m1, xrootd can write to it, eg: [matevz@mongo share]$ mkdir m1 [matevz@mongo share]$ ll drwxrwxr-x+ 2 matevz matevz 3 Aug 19 15:34 m1 # xrdcp -d 2 GTX970-Invoice.pdf root://mongo.mayer.optiputer.net:2020//user/share/m1 [matevz@mongo share]$ ll m1 total 275 -rw-r--r--+ 1 xrootd xrootd 247711 Aug 19 15:34 GTX970-Invoice.pdf Then I create a directory through xrootd and matevz can not write into it: # xrdfs mongo.mayer.optiputer.net:2020 mkdir /user/share/x1 [matevz@mongo share]$ ll -d x1 drwxr-x---+ 2 xrootd xrootd 2 Aug 19 15:35 x1 [matevz@mongo share]$ touch x1/xx touch: cannot touch `x1/xx': Permission denied [matevz@mongo share]$ getfacl x1 # file: x1 # owner: xrootd # group: xrootd user::rwx user:xrootd:rwx #effective:r-x user:matevz:rwx #effective:r-x group::r-x mask::r-x other::--- default:user::rwx default:user:xrootd:rwx default:user:matevz:rwx default:group::r-x default:mask::rwx default:other::r-x As you can see, the mask is not propagated for the directory ... or it might get un-set by chmod operation done by xrootd. This is acl for directory I created by hand and you can see mask IS propagated (the same is true if I create a directory as root, both matevz and xrootd can write into it): [matevz@mongo share]$ getfacl m1 # file: m1 # owner: matevz # group: matevz user::rwx user:xrootd:rwx user:matevz:rwx group::r-x mask::rwx other::r-x default:user::rwx default:user:xrootd:rwx default:user:matevz:rwx default:group::r-x default:mask::rwx default:other::r-x Why does xrootd set o-rwx on directories? umask for xrootd is 0002 so one would expect this should be it ... can this behaviour be disabled so I can see if this indeed borks the acls? Cheers, Matevz ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-L list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-L&A=1