Reindl Harald wrote: > sounds more you do not understand what ACLs are for > > how could a private user group replace ACLs? > if you have different users and groups which needs > defined permissions you will always need ACLs because > chmod can only reflect the primary group > > for restrict access to a single user you need no ACL > chmod 600 does this for you It was in the old Red Hat Linux manuals (for example, section 6.4.1 of ftp://archive.download.redhat.com/pub/redhat/linux/7.3/en/doc/RH-DOCS/pdf-en/rhl-rg-en.pdf): IF you want a shared directory (say a project directory) writeable by some but not all users, AND IF you don’t want to use ACLs¹, THEN you need to have that directory and everything in it owned by a suitable group (and set to be group-writeable). IF you don’t want to have users having to play around with ownership and permissions all the time, THEN you need to have the setgid bit on the folder set (which makes all new files and directories automatically have the appropriate group) AND you need to have umask set to 002 (which makes all new files and directories group-writeable). >From there, it follows that the easiest way to do this is to make 002 the default umask, which means that all new files and directories created by normal users have these permissions. That means that if you want files that only their owner can write to, you need a per-user group. It makes perfect sense. James. ¹ This predated Linux ACLs, anyway. -- E-mail: james@ | And that bird was singin' up a storm. Chirp, pause, aprilcottage.co.uk | chirp. Almost a pulse, really. Astonishing how... | mechanical...that...sounded. And then I put my head in | my hands and sighed, because I had been trying to ID the | mating call of my Epson printer. -- Ursula Vernon -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
