On 24 Jan, Brad Clements wrote:
> Is the cfs sa -clear option supposed to be able to remove a acl entry?
>
> It seems to remove the wrong user..
>
> [bkc@eiger coda]$ cfs la /coda/usr/bkc
> System:Administrators rlidwka
> System:AnyUser rl
> [bkc@eiger coda]$ cfs sa -clear /coda/usr/bkc System:AnyUser rl
> [bkc@eiger coda]$ cfs la /coda/usr/bkc
> System:AnyUser rl
Actually, the -clear option removes all current acl entries, replacing
them with whatever definitions follow the directory path. I think this
should help explain the behavior you're seeing.
As per the cfs man page:
setacl Set access control list. Sets the access control
list for each id. The -clear switch clears the
access control list except for the entries given on
the call to cfs. The -negative switch denies the
given permissions, rather than granting them.
Rights are a subset of rwidlak which are read,
write, insert, delete, lookup, administer, and lock
respectively. See the section on File Protection
in the Coda manual for more detail.
--
Stephan Koledin
Mad Scientist
The Motley Fool
http://fool.com
