Hi guys,
I'm doing some thing wrong. I have my mailserver setup to deliver mail
for all domains to /home/vmail/<DOMAIN>/<MAILBOX>. Files and
directories inside it gets created with 0600 and 0700 permissions,
respectively - I don't see a way to tell postfix to do it any other way.
I have a cronjob on another machine, that does a rsync via ssh as the
user 'backup' on a daily basis.
I enabled acl on the ext3 filesystem, and gave 'backup' access to
/home/vmail. Problem is, it's not propagating.
Here's what I've tried
setfacl -R -m user:backup:r-x vmail
setfacl -R -m mask:r-x vmail
setfacl -R -m d:mask:r-x vmail
setfacl -R -m d:user:backup:r-x vmail
Which gives me the following if I do getfacl on /home/vmail:
# file: vmail
# owner: vmail
# group: vmail
user::rwx
user:backup:r-x
group::r-x
mask::r-x
other::r-x
default:user::rwx
default:user:backup:r-x
default:group::r-x
default:mask::r-x
default:other::r-x
Yet, if I su to backup and try to view this file, I get Permission
Denied. Looking at one of the files that was in the directory when I
did the setfacl, the permissions are 650 instead of 600. New files are
created 600.
So here's a file I can read:
-rw-r-x---+ 1 vmail vmail 2.9K 2008-02-05 19:10
1202238647.V302I58404dM470661.host.domain.tld:2,S
and the getfacl for it:
# file: 1202238647.V302I58404dM470661.host.domain.tld:2,S
# owner: vmail
# group: vmail
user::rw-
user:backup:r-x
group::---
mask::r-x
other::---
Here's a new file:
-rw-------+ 1 vmail vmail 3.2K 2008-02-05 19:24
1202239457.V302I58405dM250576.host.domain.tld
and the getfacl for it:
# file: 1202239457.V302I58405dM250576.host.domain.tld
# owner: vmail
# group: vmail
user::rw-
user:backup:r-x #effective:---
group::---
mask::---
other::---
Notice the mask didn't propagate, although I don't see how that is
relevant, because user 'backup' still has explicite r-x permissions on
everything.
What am I missing?
Thanks
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
