I can reproduce this without udev too, so the prob is not udev. cd /dev rm -f foo touch foo chmod 0600 foo setfacl -m 'user::rw-,user:daemon:rw-,group::---,mask::rw-,other::---' foo
this creates the same ACL entry as the one I found for /dev/kvm. Without the 'group::---' part of setfacl, it works correctly. So it looks like it is libacl who is at fault here. But given the current interface and all the users of this interface, I'm not sure at all how this can be solved. Possible solution is to stop returning fake acl from unix permission bits, but I guess it is just too much. BTW, for some reason, setting an ACL like this changes file group access bits too, from --- to rw-, which is the same as the acl mask. After removing the ACL (setfacl -b), these extra bits stay. This might be a bug in the kernel (both changing group perms in the first place and keeping the changed bits after removing the acl), but this looks like a different issue or question. Thanks, /mjt -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org