Check the ACL!

I just shot myself in the foot using Access Control Lists.

# ls -l ./somefile.txt
-rw-r-----+  1 root  www  893  Apr 4 00:44 ./somefile.txt
# getfacl ./somefile.txt
user::rw-
user:www:--x  # effective: ---
group::r-x    # effective: r--
mask::r--
other::---

In the above example, the file inherited the default ACL from the parent directory.

I’m not even going to tell you how long it took me to figure out why the web server couldn’t access the file…

If you can’t find it: check those ACL!

And if you want to drive your colleague crazy:

# setfacl -m u:george:--- /some/random/commonly/used/file

Leave A Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

REPUBLISHING TERMS

You may republish this article online or in print under our Creative Commons license. You may not edit or shorten the text, you must attribute the article to OhReally.nl and you must include the author’s name in your republication.

If you have any questions, please email rob@ohreally.nl

License

Creative Commons License AttributionCreative Commons Attribution
Check the ACL!