Initially sent to gentoo-server, just remembered there are probably a few ACL users here too.
-------- Original Message --------

I have a directory (drupal modules directory) where developers regularly untar (or cp) archives. The contents should be rwx for the 'developers' group, so that some other developer can update or remove the module later.

I've set default ACLs on the parent directory, and the regular default ACLs are applied but the default mask is not. This is because tar/cp preserve the original group permission bits -- a strategy that doesn't make sense under a directory with default ACLs.

For an example, I'll copy /etc/profile (mode: 0644) into a directory whose contents should be rwx to the 'apache' user via its default ACL.

  gantu acl $ getfacl .
  # file: .
  # owner: mjo
  # group: mjo
  user::rwx
  group::---
  other::---
  default:user::rwx
  default:user:apache:rwx
  default:group::---
  default:mask::rwx
  default:other::---

  gantu acl $ cp /etc/profile ./
  gantu acl $ getfacl profile
  # file: profile
  # owner: mjo
  # group: mjo
  user::rw-
  user:apache:rwx                 #effective:r--
  group::---
  mask::r--
  other::---

So, even though the directory has default:mask::rwx, newly-created files have mask::r--. I've been searching for a while and others have run into this problem; so far, I don't see any good solutions. Does anything come to mind?

Initially I thought I could set developers' umasks appropriately; however, both tar and cp ignore the umask (even with --no-preserve=mode!) and use the source permission bits anyway.
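
The mask::r-- in the listing above follows from the inheritance rule in acl(5): a new file's ACL is copied from the directory's default ACL and then limited by the mode the creating program passes, with that mode's group bits applied to the mask entry. The Python sketch below is an added example, not part of the original message; it models that rule, and its function names and the embedded DIR_ACL text (constructed from the listing in the message) are assumptions of the example.

```python
# Added example: models acl(5) default-ACL inheritance; names are hypothetical.
BITS = (("r", 4), ("w", 2), ("x", 1))

# Constructed sample: the directory's getfacl output as shown in the message.
DIR_ACL = """\
# file: .
# owner: mjo
# group: mjo
user::rwx
group::---
other::---
default:user::rwx
default:user:apache:rwx
default:group::---
default:mask::rwx
default:other::---
"""

def parse_perm(text):
    return sum(bit for ch, bit in BITS if ch in text)

def fmt_perm(perm):
    return "".join(ch if perm & bit else "-" for ch, bit in BITS)

def parse_default_acl(getfacl_text):
    """Return the default: entries as {(tag, qualifier): permission bits}."""
    acl = {}
    for line in getfacl_text.splitlines():
        line = line.split("#")[0].strip()
        if line.startswith("default:"):
            _, tag, qualifier, perm = line.split(":")
            acl[(tag, qualifier)] = parse_perm(perm)
    return acl

def inherit(default_acl, mode):
    """Access ACL of a file created with `mode`; the umask is not consulted."""
    acl = dict(default_acl)
    acl[("user", "")] &= (mode >> 6) & 7
    acl[("other", "")] &= mode & 7
    # The mode's group bits limit mask:: when present, otherwise group::.
    key = ("mask", "") if ("mask", "") in acl else ("group", "")
    acl[key] &= (mode >> 3) & 7
    return acl

def effective(acl, tag, qualifier):
    """Named users, named groups and group:: are capped by mask::."""
    perm = acl[(tag, qualifier)]
    if (tag, qualifier) != ("user", "") and tag != "other":
        perm &= acl.get(("mask", ""), 7)
    return perm
```

Calling inherit() with 0o664 instead of 0o644 yields mask::rw-, so the resulting mask tracks the group bits of the creation mode rather than the directory's default:mask entry.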