Check the ACL!

I just shot myself in the foot using Access Control Lists.

# ls -l ./somefile.txt
-rw-r-----  1 root  www  893  Apr 4 00:44 ./somefile.txt
# getfacl ./somefile.txt
user::rw-
user:www:--x  # effective: ---
group::r-x    # effective: r--
mask::r--
other::---

In the above example, the file inherited the default ACL from the parent directory.

I’m not even going to tell you how long it took me to figure out why the web server couldn’t access the file…

If you can’t find it: check those ACL!

And if you want to drive your colleague crazy:

# setfacl -m u:george:--- /some/random/commonly/used/file

Leave A Reply

Het e-mailadres wordt niet gepubliceerd. Vereiste velden zijn gemarkeerd met *

Deze website gebruikt Akismet om spam te verminderen. Bekijk hoe je reactie-gegevens worden verwerkt.

REPUBLISHING TERMS

You may republish this article online or in print under our Creative Commons license. You may not edit or shorten the text, you must attribute the article to OhReally.nl and you must include the author’s name (Rob LA LAU) in your republication.

If you have any questions, please email rob@ohreally.nl

License

Creative Commons License Attribution-ShareAlikeCreative Commons Attribution-ShareAlike
Check the ACL!