private group administration
Robert Locke
lists at ralii.com
Sat Oct 18 18:21:37 UTC 2008
On Sat, 2008-10-18 at 12:25 -0400, Chuck Anderson wrote:
> On Sat, Oct 18, 2008 at 10:53:05AM -0400, seth vidal wrote:
> > On Sat, 2008-10-18 at 10:40 -0400, Colin Walters wrote:
> > > 2008/10/18 Till Maas <opensource at till.name>:
> > > > On Sat October 18 2008, Colin Walters wrote:
> > > >> On Fri, Oct 17, 2008 at 8:12 PM, Matthew Woehlke
> > > >>
> > > >> <mw_triad at users.sourceforge.net> wrote:
> > > >> > If 'chmod g+w file;chgrp foo file' is too much work then there should be
> > > >> > a command that can do both.
> > > >>
> > > >> Groups are broken. Use access control lists: "man setfacl"
> > > >
> > > > ACLs inherit the brokenness of groups, e.g. it is not possible to enforce that
> > > > everything within a certain directory is owned by everyone of a group,
> > >
> > > The point is with ACLs you don't need the files to have a specific
> > > ownership (user/group) as long as they have the right ACLs for access.
> > > A good way to do this is to avoid groups entirely and just add the
> > > users you want individually.
> >
> > If there are enough people working on a project this does not scale.
>
> Right, with groups you can have files inherit the group from the
> directory they are in. Is there any inheritance with ACLs?
>
See 'setfacl d:' which can be used to set a "default" ACL on a directory
so that all "newly created files" will inherit it....
--Rob
More information about the devel
mailing list