Linux Certif

Toute la documentation sur la certification Linux LPI

nfs4_editfacl

NAME

nfs4_setfacl, nfs4_editfacl - manipulate NFSv4 file/directory access control lists

SYNOPSIS

nfs4_setfacl [OPTIONS] COMMAND file...
nfs4_editfacl [OPTIONS] file...

DESCRIPTION

nfs4_setfacl manipulates the NFSv4 Access Control List (ACL) of one or more files (or directories), provided they are on a mounted NFSv4 filesystem which supports ACLs.

nfs4_editfacl is equivalent to nfs4_setfacl -e.

Information about NFSv4 ACL terminology and syntax can be found in the nfs4_acl(5) manpage.

COMMANDS

-a acl_spec [index]

add the ACEs from acl_spec to file's ACL. ACEs are inserted starting at the indexth position (DEFAULT: 1) of file's ACL.

-A acl_file [index]

add the ACEs from the acl_spec in acl_file to file's ACL. ACEs are inserted starting at the indexth position (DEFAULT: 1) of file's ACL.

-x acl_spec | index

delete ACEs matched from acl_spec - or delete the indexth ACE - from file's ACL.

-X acl_file

delete ACEs matched from the acl_spec in acl_file from file's ACL.

-s acl_spec

set file's ACL to acl_spec.

-S acl_file

set file's ACL to the acl_spec in acl_file.

-e, --edit

edit file's ACL in the editor defined in the EDITOR environment variable (DEFAULT: vi(1)) and set the resulting ACL upon a clean exit, assuming changes made in the editor were saved. Note that if multiple files are specified, the editor will be serially invoked once per file.

-m from_ace to_ace

modify file's ACL in-place by replacing from_ace with to_ace.

-?, -h, --help

display help text and exit.

--more-help

display extra help text and exit. DEPRECATED: going away since there's a manpage.

--version

display this program's version and exit.

NOTE: if '-' is given as the acl_file with the -A/-X/-S flags, the acl_spec will be read from stdin.

OPTIONS

--test

display results of COMMAND, but do not save changes.

-R (unimplemented)

recursively apply to a directory's files and subdirectories.

EXAMPLES

Assume that the file `foo' has the following NFSv4 ACL for each of the following examples:

 
 A::OWNER@:rwatTnNcCy
 D::OWNER@:x
 A:g:GROUP@:rtncy
 D:g:GROUP@:waxTC
 A::EVERYONE@:rtncy
 D::EVERYONE@:waxTC
 

-

add ACE granting `alice@nfsdomain.org' generic "read" and "execute" access (defaults to prepending ACE to ACL):
       $ nfs4_setfacl -a A::alice@nfsdomain.org:rxtncy foo

-

delete the first ACE, but only print the resulting ACL (does not save changes):
       $ nfs4_setfacl --test -x 1 foo

-

edit existing ACL in a text editor and set modified ACL on clean save/exit:
       $ nfs4_setfacl -e foo

-

set ACL (overwrites original) to contents of a spec_file named `newacl.spec':
       $ nfs4_setfacl -S newacl.spec foo

-

delete the fifth and sixth ACEs above:
       $ nfs4_setfacl -x "A::EVERYONE@rtncy, D::EVERYONE@:waxTC" foo

-

modify (in-place) the second ACE above:
       $ nfs4_setfacl -m D::OWNER@:x D::OWNER@:xo foo

-

set ACLs of `bar' and `frobaz' to ACL of `foo':
       $ nfs4_getfacl foo | nfs4_setfacl -S - bar frobaz

AUTHORS

nfs4_setfacl was written by people at CITI, the Center for Information Technology Integration (http://www.citi.umich.edu). This manpage was written by David Richter.

CONTACT

Please send bug reports, feature requests, and comments to <nfsv4@linux-nfs.org>.

SEE ALSO

nfs4_getfacl(1), nfs4_acl(5), RFC3530 (NFSv4.0), NFSv4.1 Minor Version Draft.