TransWikia.com

How to use setfacl on ZFS dataset to set the equivalent of UNIX-style chmod 770?

Server Fault Asked by user260467 on December 1, 2021

I’m trying to use setfacl to set the permissions of different ZFS datasets, and I want those ACL permissions equivalent to UNIX-style chmod 770.

What setfacl command could accomplish this, and what ACLs should getfacl display if I were to do this correctly?

I’m running FreeNAS 11.0 with Samba 4.6.4.

One Answer

Note: the following is from a Solaris system, but the results should also work on BSD (where you need to use getfacl/setfacl instead of ls/chmod).


The default permissions of a newly created (text) file are:

   owner@:rw-p--aARWcCos:-------:allow
   group@:r-----a-R-c--s:-------:allow
everyone@:r-----a-R-c--s:-------:allow

If you use chmod 0770 /path/to/file, you will get:

   owner@:rwxp--aARWcCos:-------:allow
   group@:rwxp--a-R-c--s:-------:allow
everyone@:------a-R-c--s:-------:allow

Essentially, execute (x) is added for owner and group, read (r) is removed from everyone, and write (w) and append (p) are added to group.


For a directory, it looks as follows:

   owner@:rwxp-DaARWcCos:-------:allow
   group@:r-x---a-R-c--s:-------:allow
everyone@:r-x---a-R-c--s:-------:allow

And after modification:

   owner@:rwxp-DaARWcCos:-------:allow
   group@:rwxp-Da-R-c--s:-------:allow
everyone@:------a-R-c--s:-------:allow

Here, read (r) and execute (x) are removed from everyone, while owner and group have the same permissions as in the file case, although with added delete_child (D) permission (this comes from being a directory).

Answered by user121391 on December 1, 2021

Add your own answers!

Ask a Question

Get help from others!

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP