mfsfacl

NAME

mfsfacl - MooseFS file access control lists (extended attributes) management tools

SYNOPSIS

mfsgetfacl [-?] [-adceEspn] OBJECT [OBJECT ...]

mfssetfacl [-?] [-bKknd] [{-s|-m|-x} ACL_SPEC] [{-S|-M|-X} ACL_FILE] OBJECT [OBJECT ...]

DESCRIPTION

These tools operate on a filesystem object's (file, special file, or directory) access control list (ACL) value. ACL's in MooseFS are compatible with Linux, so in Linux you may use setfacl and getfacl commands.

mfsgetfacl prints current ACL value of given object(s).

mfssetfacl sets/changes/removes current ACL value of given object(s).

OPTIONS

mfsgetfacl options:

-a - display the file access control list only

-d - display the default access control list only

-c - do not display the comment header

-e - print all effective rights

-E - print no effective rights

-s - skip files that only have the base entries

-p - don't strip leading '/' in pathnames

-n - print numeric user/group identifiers

mfssetfacl options:

-b - remove all extended ACL entries

-K - remove the access ACL

-k - remove the default ACL

-n - don't recalculate the effective rights mask

-d - operations apply to the default ACL

-s - set the ACL of file(s), replacing the current ACL

-S - read ACL entries to set from file

-m - modify the current ACL(s) of file(s)

-M - read ACL entries to modify from file

-x - remove entries from the ACL(s) of file(s)

-X - read ACL entries to remove from file

common options:

-? - display short usage message

ACL SPECIFICATION

For -S, -M and -X option the parameter ACL_FILE should be a path to a file containing ACL value specifications as described below (one definition per line, multiple lines possible, content after # sign is ignored, output from mfsgetfacl command is always a valid file content).

ACL_SPEC should be one of the following:

[d[efault]:][u[ser]:]uid[:perms]

[d[efault]:]g[roup]:gid[:perms]

[d[efault]:]m[ask][:][:perms]

[d[efault]:]o[ther][:][:perms]

d means work on default ACL values instead of access values. Next part indicates whether user's, group's or other's permissions or mask should be set. If that part is ommited and only identifier is provided, it is assumed to be user indentifier. If user or group is indicated, if there is no identifier, default user's or group's permissions are modified. Identifier can be a string or a number. Permissions can be in the form of letters, any subset of rwx or number. Zero, empty string or dash means no permissions for -s and -m. For -x, permissions must be ommited. Multiple specification can be supplied, divided by comma.

REPORTING BUGS

Report bugs to bugs@moosefs.com

COPYRIGHT

This file is part of MooseFS.

READ THIS BEFORE INSTALLING THE SOFTWARE. BY INSTALLING, ACTIVATING OR USING THE SOFTWARE, YOU ARE AGREEING TO BE BOUND BY THE TERMS AND CONDITIONS OF MooseFS LICENSE AGREEMENT FOR VERSION 1.7 AND HIGHER IN A SEPARATE FILE. THIS SOFTWARE IS LICENSED AS PROPRIETARY SOFTWARE. YOU DO NOT ACQUIRE ANY OWNERSHIP RIGHT, TITLE OR INTEREST IN OR TO ANY INTELLECTUAL PROPERTY OR OTHER PROPRIETARY RIGHTS.