Coda File System

Re: Can't remove System:AnyUser rl from ACL's -- removes wrong entry

From: Stephan Koledin <sbk_at_fool.com>
Date: Wed, 24 Jan 2001 10:30:49 -0500 (EST)
On 24 Jan, Brad Clements wrote:
> Is the cfs sa -clear option supposed to be able to remove a acl entry?
> 
> It seems to remove the wrong user..
> 
> [bkc_at_eiger coda]$ cfs la /coda/usr/bkc
> System:Administrators  rlidwka 
>       System:AnyUser  rl      
> [bkc_at_eiger coda]$ cfs sa -clear /coda/usr/bkc System:AnyUser rl
> [bkc_at_eiger coda]$ cfs la /coda/usr/bkc
>       System:AnyUser  rl      

Actually, the -clear option removes all current acl entries, replacing
them with whatever definitions follow the directory path. I think this
should help explain the behavior you're seeing.

As per the cfs man page:

       setacl Set  access  control list.  Sets the access control
              list for each id.  The  -clear  switch  clears  the
              access control list except for the entries given on
              the call to cfs.  The -negative switch  denies  the
              given   permissions,  rather  than  granting  them.
              Rights are a subset  of  rwidlak  which  are  read,
              write, insert, delete, lookup, administer, and lock
              respectively.  See the section on  File  Protection
              in the Coda manual for more detail.


-- 
Stephan Koledin
Mad Scientist
The Motley Fool
http://fool.com
Received on 2001-01-24 10:32:11