[mdlug] [WLUG] SELinux permissions
Jonathan Billings
billings at negate.org
Thu Jan 17 09:07:37 EST 2013
On Wed, Jan 16, 2013 at 08:26:15PM -0800, John Wiersba wrote:
> The filesystem in question is afs. For somereason afs doesn't use
> the normal getfacl utilities but uses fs instead. I'm investigating
> the output of fs now...
I suspected it was AFS from the SELinux context and the fact that you
could create but not remote a directory. It sounds like something I
hear about all the time at work. AFS predates POSIX acls and SELinux
by a couple decades, so it's not a huge surprise that their tools are
different.
Feel free to ask about AFS's fs command, though, since I'm familiar
with it.
This doc:
http://docs.openafs.org/Reference/1/fs_setacl.html#a_(administer)
is the man page for 'fs setacl', and it describes the 'rlidwka'
permissions AFS can have.
--
Jonathan Billings <billings at negate.org>
More information about the mdlug
mailing list