getfacl(1) 맨 페이지 - 윈디하나의 솔라나라

개요

섹션
맨 페이지 이름
검색(S)

getfacl(1)

getfacl(1)                       User Commands                      getfacl(1)



NAME
       getfacl - display discretionary file information

SYNOPSIS
       getfacl [-ad] file...


DESCRIPTION
       For  each argument that is a regular file, special file, or named pipe,
       the getfacl utility displays the owner, the group, and the Access  Con‐
       trol  List  (ACL).  For  each  directory argument, getfacl displays the
       owner, the group, and the ACL and/or the default ACL. Only  directories
       contain default ACLs.


       The getfacl utility may be executed on a file system that does not sup‐
       port ACLs. It reports the ACL based on the base permission bits.


       With no options specified, getfacl  displays  the  filename,  the  file
       owner,  the  file group owner, and both the ACL and the default ACL, if
       it exists.

OPTIONS
       The following options are supported:

       -a    Displays the filename, the file owner, the file group owner,  and
             the ACL of the file.


       -d    Displays  the filename, the file owner, the file group owner, and
             the default ACL of the file, if it exists.


OPERANDS
       The following operands are supported:

       file    The path name of a regular file, special file, or named pipe.


OUTPUT
       The format for ACL output is as follows:

         # file: filename
         # owner: uid
         # group: gid
         user::perm
         user:uid:perm
         group::perm
         group:gid:perm
         mask:perm
         other:perm
         default:user::perm
         default:user:uid:perm
         default:group::perm
         default:group:gid:perm
         default:mask:perm
         default:other:perm




       When multiple files are specified on the command  line,  a  blank  line
       separates the ACLs for each file.


       The  ACL entries are displayed in the order in which they are evaluated
       when an access check is performed. The default  ACL  entries  that  may
       exist on a directory have no effect on access checks.


       The  first  three  lines  display the filename, the file owner, and the
       file group owner. Notice that when only the -d option is specified  and
       the file has no default ACL, only these three lines are displayed.


       The  user  entry  without a user ID indicates the permissions that  are
       granted to the file owner. One or more additional user entries indicate
       the permissions that are granted to the specified users.


       The  group entry without a group ID indicates the permissions that  are
       granted to the file group owner. One or more additional  group  entries
       indicate the permissions that  are granted to the specified groups.


       The  mask entry indicates the ACL mask permissions. These are the maxi‐
       mum permissions allowed to any user entries except the file owner,  and
       to any group entries, including the file group owner. These permissions
       restrict the permissions specified in other entries.


       The other entry indicates the permissions that are granted to others.


       The default entries may exist only for directories. These entries indi‐
       cate  the  default  entries that are added to a file created within the
       directory.


       The uid is a login name or a user ID if there is no entry for  the  uid
       in  the system password file, /etc/passwd. The gid is a group name or a
       group ID if there is no entry for the gid in  the  system  group  file,
       /etc/group.  The  perm is a three character string composed of the let‐
       ters representing the separate discretionary access rights: r (read), w
       (write),  x (execute/search), or the place holder character −. The perm
       is displayed in the following  order:  rwx.  If  a  permission  is  not
       granted by an ACL entry, the place holder character appears.


       If  you use the chmod(1) command to change the file group owner permis‐
       sions on a file with ACL entries, both the file group owner permissions
       and  the ACL mask are changed to the new permissions. Be aware that the
       new ACL mask permissions may change the effective permissions for addi‐
       tional users and groups who have ACL entries on the file.


       In order to indicate that the ACL mask  restricts an ACL entry, getfacl
       displays an additional tab character, pound sign (#),  and  the  actual
       permissions granted, following the entry.

EXAMPLES
       Example 1 Displaying file information


       Given file foo, with an ACL six entries long, the command


         host% getfacl foo




       would print:


         # file: foo
         # owner: shea
         # group: staff
         user::rwx
         user:spy:−−−
         user:mookie:r−−
         group::r−−
         mask::rw−
         other::−−−



       Example 2 Displaying information after chmod command


       Continue with the above example, after chmod 700 foo was issued:


         host% getfacl foo




       would print:


         # file: foo
         # owner: shea
         # group: staff
         user::rwx
         user:spy:−−−
         user:mookie:r−−     #effective:−−−
         group::−−−
         mask::−−−
         other::−−−



       Example 3 Displaying information when ACL contains default entries


       Given  directory  doo, with an ACL containing default entries, the com‐
       mand


         host% getfacl -d doo




       would print:


         # file: doo
         # owner: shea
         # group: staff
         default:user::rwx
         default:user:spy:−−−
         default:user:mookie:r−−
         default:group::r−−
         default:mask::−−−
         default:other::−−−



FILES
       /etc/passwd    system password file


       /etc/group     group file


ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:




       tab()  box;  cw(2.75i)  |cw(2.75i)  lw(2.75i)   |lw(2.75i)   ATTRIBUTE
       TYPEATTRIBUTE  VALUE _ Availabilitysystem/core-os _ Interface Stabil‐
       ityCommitted


SEE ALSO
       chmod(1),   ls(1),   setfacl(1),   acl(2),   aclsort(3SEC),   group(4),
       passwd(4), attributes(5)

NOTES
       The  output from getfacl is in the correct format for input to the set‐
       facl -f command. If the output from getfacl is redirected  to  a  file,
       the  file may be used as input to setfacl. In this way, a user may eas‐
       ily assign one file's ACL to another file.



SunOS 5.11                        5 Nov 1994                        getfacl(1)
맨 페이지 내용의 저작권은 맨 페이지 작성자에게 있습니다.
RSS ATOM XHTML 5 CSS3