(cc: bug-tar) We use POSIX ACLs to grant access to different groups of developers on our web servers. The biggest roadblock so far has been the use of cp and tar, which preserve the source's group bits as the ACL mask (usually denying write access in spite of the default ACL).
There are bugs for cp[1] and mkdir[2] already, and an old ML thread for tar that I can't seem to find any more. I wrote a long article for the benefit of myself and my coworkers that should explain the details: > http://michael.orlitzky.com/articles/problems_with_posix_acls_and_common_utilities.php There's proof of concept code in there that works for our simple use case. I'm both looking for feedback on the algorithm (proposed fix and todo sections), and wondering whether or not a fix like this could ever make it upstream. If so, what would I need to do to clean it up for inclusion? [1] http://savannah.gnu.org/bugs/?27146 [2] http://savannah.gnu.org/bugs/?19546
