[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#12020: ls should show when extended system attributes are set
From: |
Luk Claes |
Subject: |
bug#12020: ls should show when extended system attributes are set |
Date: |
Sun, 22 Jul 2012 00:50:12 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux i686; rv:10.0.5) Gecko/20120624 Icedove/10.0.5 |
On 07/21/2012 11:56 PM, Eric Blake wrote:
> tag 12020 moreinfo
> thanks
>
> On 07/21/2012 12:41 PM, Luk Claes wrote:
>> Hi
>>
>> Currently when using POSIX acls, this is not visible when listing files
>> with ls. This means that users and system administrators cannot easily
>> see when (non trivial) POSIX acls are in use which obviously can result
>> in wrong expectations when only seeing the rwx kind of acls.
>
> What version of coreutils are you using, and on what distro?
I'm using Debian, version 8.13
>> At a minimum I would like that ls would show that extended system
>> attributes are being used (maybe by showing something different than -
>> for the type of file?).
>
> But ls _does_ already do that.
> Notice how the 11th character changed from '+' (ACL present) to '.'
> (SELinux label present)? That is, a trailing '+' is already what
> coreutils uses to indicate the presence of ACLs (which generally provide
> additional rights); and a trailing '.' indicates the presence of
> restrictions (SELinux labels typically restrict rights depending on the
> labeling of the calling context). On systems with neither ACLs nor
> SELinux labels, then the 11th character is ' ' (space) to indicate no
> other special permissions.
Nice, though in that case it does apparently not vanish when I only
remove the non-trivial acl again and keep the mask:
$ getfacl foo
# file: foo
# owner: luk
# group: luk
user::rw-
user:mongodb:rw-
group::r--
mask::rw-
other::r--
$ ls -l foo
-rw-rw-r--+ 1 luk luk 5 Jul 22 00:37 foo
$ setfacl -x u:mongodb foo
$ ls -l foo
-rw-r--r--+ 1 luk luk 5 Jul 22 00:37 foo
$ getfacl foo
# file: foo
# owner: luk
# group: luk
user::rw-
group::r--
mask::r--
other::r--
Though I guess it's close enough, only a pitty it's not in the manpage.
So feel free to close this or retarget it.
Cheers
Luk
- bug#12020: ls should show when extended system attributes are set, Luk Claes, 2012/07/21
- bug#12020: ls should show when extended system attributes are set, Eric Blake, 2012/07/21
- bug#12020: ls should show when extended system attributes are set,
Luk Claes <=
- bug#12020: ls should show when extended system attributes are set, Luk Claes, 2012/07/21
- bug#12020: ls should show when extended system attributes are set, Jim Meyering, 2012/07/22
- bug#12020: ls should show when extended system attributes are set, Kamil Dudka, 2012/07/22
- bug#12020: ls should show when extended system attributes are set, Jim Meyering, 2012/07/22
- bug#12020: ls should show when extended system attributes are set, Kamil Dudka, 2012/07/23