From 2e7f4de812d2878df9f40a3960d1fd7730ba5c0f Mon Sep 17 00:00:00 2001 From: trasz Date: Fri, 8 Feb 2013 18:02:28 +0000 Subject: In the setfacl(1) manual page, make it clear that for NFSv4 ACLs, one should really use -a and -x instead of -m. MFC after: 1 week --- bin/setfacl/setfacl.1 | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'bin/setfacl') diff --git a/bin/setfacl/setfacl.1 b/bin/setfacl/setfacl.1 index 3d7b517..48878c4 100644 --- a/bin/setfacl/setfacl.1 +++ b/bin/setfacl/setfacl.1 @@ -26,7 +26,7 @@ .\" .\" $FreeBSD$ .\" -.Dd September 2, 2012 +.Dd February 8, 2013 .Dt SETFACL 1 .Os .Sh NAME @@ -95,6 +95,11 @@ Modify the ACL entries on the specified files by adding new entries and modifying existing ACL entries with the ACL entries specified in .Ar entries . +For NFSv4 ACLs, it is recommended to use the +.Fl a +and +.Fl x +instead. .It Fl M Ar file Modify the ACL entries on the specified files by adding new ACL entries and modifying existing ACL entries with the ACL -- cgit v1.1 From 19b8d932d18579d0fa71a3568fd3205cfd095823 Mon Sep 17 00:00:00 2001 From: trasz Date: Fri, 8 Feb 2013 18:12:16 +0000 Subject: Improve description of the "-m" option to setfacl(1). Submitted by: scottl MFC after: 1 week --- bin/setfacl/setfacl.1 | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'bin/setfacl') diff --git a/bin/setfacl/setfacl.1 b/bin/setfacl/setfacl.1 index 48878c4..c2173d3 100644 --- a/bin/setfacl/setfacl.1 +++ b/bin/setfacl/setfacl.1 @@ -91,15 +91,16 @@ An error will be reported if any of the specified files cannot have a default entry (i.e.\& non-directories). This option is not applicable to NFSv4 ACLs. .It Fl m Ar entries -Modify the ACL entries on the specified files by adding new -entries and modifying existing ACL entries with the ACL entries -specified in -.Ar entries . +Modify the ACL on the specified file. +New entries will be added, and existing entries will be modified +according to the +.Ar entries +argument. For NFSv4 ACLs, it is recommended to use the .Fl a and .Fl x -instead. +options instead. .It Fl M Ar file Modify the ACL entries on the specified files by adding new ACL entries and modifying existing ACL entries with the ACL -- cgit v1.1 From 57fb31bcdbe887c6b20c810287489eb0cddd871e Mon Sep 17 00:00:00 2001 From: trasz Date: Fri, 8 Feb 2013 18:43:47 +0000 Subject: Fix NFSv4 permission description in setfacl(1) manual page: the 'D' means delete_child, not delete. MFC after: 1 week --- bin/setfacl/setfacl.1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'bin/setfacl') diff --git a/bin/setfacl/setfacl.1 b/bin/setfacl/setfacl.1 index c2173d3..83dc41a 100644 --- a/bin/setfacl/setfacl.1 +++ b/bin/setfacl/setfacl.1 @@ -325,9 +325,9 @@ write_data execute .It p append_data -.It d -delete_child .It D +delete_child +.It d delete .It a read_attributes -- cgit v1.1 From 3b2ecc9e065ec4649e82a8190cda6249027a16d6 Mon Sep 17 00:00:00 2001 From: trasz Date: Mon, 1 Apr 2013 13:17:28 +0000 Subject: Mention that read_attributes, write_attributes, read_acl and write_acl are always permitted for the file owner. PR: kern/174948 MFC after: 1 week --- bin/setfacl/setfacl.1 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'bin/setfacl') diff --git a/bin/setfacl/setfacl.1 b/bin/setfacl/setfacl.1 index 83dc41a..4104315 100644 --- a/bin/setfacl/setfacl.1 +++ b/bin/setfacl/setfacl.1 @@ -26,7 +26,7 @@ .\" .\" $FreeBSD$ .\" -.Dd February 8, 2013 +.Dd April 1, 2013 .Dt SETFACL 1 .Os .Sh NAME @@ -401,6 +401,10 @@ NFSv4 ACL entries are evaluated in their visible order. .Pp Multiple ACL entries specified on the command line are separated by commas. +.Pp +Note that the file owner is always granted the read_acl, write_acl, +read_attributes, and write_attributes permissions, even if the ACL +would deny it. .Sh EXIT STATUS .Ex -std .Sh EXAMPLES -- cgit v1.1