On 23/07/19 12:20, Thomas Schmitt wrote:
Hi,
consider this from man setfacl:
--restore=file
Restore a permission backup created by `getfacl -R' or similar. All
permissions of a complete directory subtree are restored using this
mechanism. If the input contains owner comments or group comments,
setfacl attempts to restore the owner and owning group. If the
input contains flags comments (which define the setuid, setgid, and
sticky bits), setfacl sets those three bits accordingly; otherwise,
it clears them. This option cannot be mixed with other options
except `--test'.
You could write a program which reads the text blocks in the getfacl -R
file and only writes those to a new file, which contain lines other than
the chmod-related "user::", "group::", "other::".
This would curb the eagerness of setfacl --restore to the files which
really need it.
Depending on your situation. some manipulation of the file paths in the -R
file might be necessary.
(And of course you urgently need a backup of your ACLs. If your favorite
backup tool does not record them, consider to run getfacl -R and to
include the resulting file in your backup.)
Have a nice day :)
Thomas
Hi Thomas,
Thank you for a quick and useful reply.
I definitely need to review all backups and include ACLs where needed.
I'm also wondering if rsync is capable of syncing ACLs without touching
anything else.
I vaguely recall using it for a similar purpose some time ago.
Thanks,
Adam
