FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 02-05-2008, 06:30 PM
koffiejunkie
 
Default filesystem acl problem

Hi guys,

I'm doing some thing wrong. I have my mailserver setup to deliver mail
for all domains to /home/vmail/<DOMAIN>/<MAILBOX>. Files and
directories inside it gets created with 0600 and 0700 permissions,
respectively - I don't see a way to tell postfix to do it any other way.

I have a cronjob on another machine, that does a rsync via ssh as the
user 'backup' on a daily basis.

I enabled acl on the ext3 filesystem, and gave 'backup' access to
/home/vmail. Problem is, it's not propagating.

Here's what I've tried

setfacl -R -m user:backup:r-x vmail
setfacl -R -m mask:r-x vmail
setfacl -R -m d:mask:r-x vmail
setfacl -R -m d:user:backup:r-x vmail

Which gives me the following if I do getfacl on /home/vmail:

# file: vmail
# owner: vmail
# group: vmail
user::rwx
user:backup:r-x
group::r-x
mask::r-x
other::r-x
default:user::rwx
default:user:backup:r-x
default:group::r-x
default:mask::r-x
defaultther::r-x


Yet, if I su to backup and try to view this file, I get Permission
Denied. Looking at one of the files that was in the directory when I
did the setfacl, the permissions are 650 instead of 600. New files are
created 600.


So here's a file I can read:

-rw-r-x---+ 1 vmail vmail 2.9K 2008-02-05 19:10
1202238647.V302I58404dM470661.host.domain.tld:2,S


and the getfacl for it:

# file: 1202238647.V302I58404dM470661.host.domain.tld:2,S
# owner: vmail
# group: vmail
user::rw-
user:backup:r-x
group::---
mask::r-x
other::---


Here's a new file:

-rw-------+ 1 vmail vmail 3.2K 2008-02-05 19:24
1202239457.V302I58405dM250576.host.domain.tld


and the getfacl for it:

# file: 1202239457.V302I58405dM250576.host.domain.tld
# owner: vmail
# group: vmail
user::rw-
user:backup:r-x #effective:---
group::---
mask::---
other::---


Notice the mask didn't propagate, although I don't see how that is
relevant, because user 'backup' still has explicite r-x permissions on
everything.


What am I missing?

Thanks


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 12:16 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org