(Illustration by Gaich Muramatsu)
On 24 Jan, Brad Clements wrote: > Is the cfs sa -clear option supposed to be able to remove a acl entry? > > It seems to remove the wrong user.. > > [bkc_at_eiger coda]$ cfs la /coda/usr/bkc > System:Administrators rlidwka > System:AnyUser rl > [bkc_at_eiger coda]$ cfs sa -clear /coda/usr/bkc System:AnyUser rl > [bkc_at_eiger coda]$ cfs la /coda/usr/bkc > System:AnyUser rl Actually, the -clear option removes all current acl entries, replacing them with whatever definitions follow the directory path. I think this should help explain the behavior you're seeing. As per the cfs man page: setacl Set access control list. Sets the access control list for each id. The -clear switch clears the access control list except for the entries given on the call to cfs. The -negative switch denies the given permissions, rather than granting them. Rights are a subset of rwidlak which are read, write, insert, delete, lookup, administer, and lock respectively. See the section on File Protection in the Coda manual for more detail. -- Stephan Koledin Mad Scientist The Motley Fool http://fool.comReceived on 2001-01-24 10:32:11