2

I have a directory that already might have some subdirectory configured rwx for www-data, but I want to make a final pass and ensure www-data has a full read access on the full directory.

All these are part of some bash scripting, and I need to automate this.

Ideally, I want to do:

chmod g+r /my/root/dir -R

But, of course, I'm using ACL, and I want to do it only for group www-data.

But using setfacl will overwrite the previous permissions. It doesn't support +r notation for relative permission settings (and it is not documented in the man page):

$ setfacl -m g:www-data:+r /tmp 
setfacl: Option -m: Invalid argument near character 12

How can I do that ? Shall I resort to nasty scripting solutions ?

It seems that there's a version of setfacl that support that in some Unix: https://www-01.ibm.com/support/knowledgecenter/SSLTBW_2.1.0/com.ibm.zos.v2r1.bpxa500/sfacl.htm , it was also reported working on SuSE.

EDIT: I'm on an Ubuntu 15.10, my version of setfacl comes from a package named acl in version 2.2.52-2.

vaab
  • 254
  • 2
    What version of Unix/Linux are you using. My OpenSuSE system's setfacl supports the '-m' flag so that you can do setfacl -R -m group:www-data:+r /my/root/dir on it. – darklion Feb 12 '16 at 08:52
  • @darklion I've added my version of system and the package to the question. Thanks for this obvious (but forgotten) missing information. Can you trace your package as well ? (version and orgin of package ?). – vaab Feb 13 '16 at 01:50

0 Answers0