How to recursively set permissions for ACL in FreeBSD

This is not too difficult however as not as straightforward as it can be done in Linux.

setfacl command in Linux has -R directive to set permissions recursively in the same way as with chmod command.

In FreeBSD setfacl does not have -R directive. Use the following examples to recursively set ACL permissions in FreeBSD:Code:

find /mnt/FreeNAS/test/ -type d -exec setfacl -m u:Itgalaxyz:modify_set:fd:allow {} \;

1	find /mnt/FreeNAS/test/ -type d -exec setfacl -m u:Itgalaxyz:modify_set:fd:allow {} \;

It recursively set modify permissions for user “Itgalaxyz” on the folder /mnt/FreeNAS/test/ and all sub folders, this also specifies file and folder inheritance for these permissions (this will only affect files/folders moved into or created in these folders from this point forward)

Code:

find /mnt/FreeNAS/test/ -type f -exec setfacl -m u:Itgalaxyz:modify_set:allow {} \;

1	find /mnt/FreeNAS/test/ -type f -exec setfacl -m u:Itgalaxyz:modify_set:allow {} \;

Does the same as above but recursively for files in /mnt/FreeNAS/test/ (obviously no inheritance settings are required)

Change u: to g: for groups, -m to -x to remove ACL entries instead of create/modify.

You can set individual permissions using the letter codes (see below), however these commonly required ones are also available:

full_set all permissions
modify_set all permissions except write_acl and write_owner
read_set read_data, read_attributes, read_xattr and read_acl
write_set write_data, append_data, write_attributes and write_xattr

Code:

        owner@:--------------:-------:deny
        owner@:rwxp---A-W-Co-:-------:allow
        group@:-w-p----------:-------:deny
        group@:r-x-----------:-------:allow
     everyone@:-w-p---A-W-Co-:-------:deny
     everyone@:r-x---a-R-c--s:-------:allow
               ||||||||||||||:|||||||
  (r)read data +|||||||||||||:||||||+ (I)nherited
  (w)rite data -+||||||||||||:|||||+- (F)ailed access (audit)
     e(x)ecute --+|||||||||||:||||+-- (S)uccess access (audit)
      a(p)pend ---+||||||||||:|||+--- (n)o propagate
      (d)elete ----+|||||||||:||+---- (i)nherit only
(D)elete child -----+||||||||:|+----- (d)irectory inherit
 read (a)ttrib ------+|||||||:+------ (f)ile inherit
write (A)ttrib -------+||||||
  (R)ead xattr --------+|||||
 (W)rite xattr ---------+||||
    read a(c)l ----------+|||
   write a(C)l -----------+||
change (o)wner ------------+|
          sync -------------+

owner@:--------------:-------:deny

owner@:rwxp---A-W-Co-:-------:allow

group@:-w-p----------:-------:deny

group@:r-x-----------:-------:allow

everyone@:-w-p---A-W-Co-:-------:deny

everyone@:r-x---a-R-c--s:-------:allow

||||||||||||||:|||||||

(r)read data +|||||||||||||:||||||+ (I)nherited

(w)rite data -+||||||||||||:|||||+- (F)ailed access (audit)

e(x)ecute --+|||||||||||:||||+-- (S)uccess access (audit)

a(p)pend ---+||||||||||:|||+--- (n)o propagate

(d)elete ----+|||||||||:||+---- (i)nherit only

(D)elete child -----+||||||||:|+----- (d)irectory inherit

read (a)ttrib ------+|||||||:+------ (f)ile inherit

write (A)ttrib -------+||||||

(R)ead xattr --------+|||||

(W)rite xattr ---------+||||

read a(c)l ----------+|||

write a(C)l -----------+||

change (o)wner ------------+|

sync -------------+

How to recursively set permissions for ACL in FreeBSD

Stay tuned! :)

Categories

How to recursively set permissions for ACL in FreeBSD

Related posts

MariaDB Galera three nodes cluster on CentOS 6

How to convert pfx certificate to Apache pem

How To Create SSL Certificate for Apache on CentOS 7

Stay tuned! :)

Categories

Tags