Hi Daniel - Thanks so much for your help! That was indeed the problem. I didn't realize that default ACL's don't count as actionable ACL's (other than to dictate authorization for new sub-directories and files). On 8/20/19 2:14 PM, Daniel Kobras wrote: > Hi! > >> Am 20.08.2019 um 20:35 schrieb Goetz, Patrick G <pgoetz@xxxxxxxxxxxxxxx>: >> >> I have an NFSv4 exported folder (base filesystem: XFS) which must afford >> read access to a program on folders which are otherwise hidden from the >> public. On the NFS server: >> >> root@kraken:/EM/EMtifs# getfacl pgoetz >> # file: pgoetz >> # owner: pgoetz >> # group: cns-cnsitlabusers >> user::rwx >> group::r-x >> other::--- >> default:user::rwx >> default:user:cryosparc_user:r-x >> default:group::r-x >> default:mask::r-x >> default:other::--- > > There’s only a default ACL (which is inherited to new objects), but no proper ACL on the directory itself. Have you tried > > setfacl -m u:cryosparc_user:rx > > already? > > Kind regards, > > Daniel >
