Hello members, hello Thomas, I have a question regarding to the handling of ACLs. We have trouble with some applications while using the installed maschines because the complete filesystem has ACLs.
Actually I was wondering about this behavior, because a plain installation of Ubuntu 16.04 without FAI doesn't set ACLs. So I started reading the fai code and found the switch for tar ($catname $file | tar --xattrs --xattrs-include=*.* --selinux --acl --numeric-owner -C /tmp/aclmist -v -xf -) inside the ftar. After that I tried to figure out which ACL rule could be used by tar and I recognized that the target directory (while installation) has set ACLs. (FAI-CLIENT) root@testvm005:~# ls -alsh / total 52K 0 drwxr-xr-x 30 root root 240 Aug 16 17:39 . 0 drwxr-xr-x 30 root root 240 Aug 16 17:39 .. 0 -rw-r--r-- 1 root root 0 Mar 30 12:24 .THIS_IS_THE_FAI_NFSROOT 4.0K drwxr-xr-x 2 root root 4.0K Mar 30 12:25 bin 4.0K drwxr-xr-x 3 root root 4.0K Mar 30 12:29 boot 0 drwxr-xr-x 15 root root 2.9K Aug 16 17:39 dev 0 drwxr-xr-x 73 root root 80 Aug 16 17:36 etc 4.0K drwxr-xr-x 2 root root 4.0K Jan 6 2016 home 0 lrwxrwxrwx 1 root root 30 Mar 30 12:27 initrd.img -> boot/initrd.img-3.16.0-4-amd64 4.0K drwxr-xr-x 15 root root 4.0K Mar 30 12:25 lib 4.0K drwxr-xr-x 2 root root 4.0K Mar 30 12:24 lib64 0 drwxr-xr-x 4 root root 80 Aug 16 17:36 live 4.0K drwxr-xr-x 2 root root 4.0K Mar 30 12:23 media 4.0K drwxr-xr-x 2 root root 4.0K Mar 30 12:23 mnt 4.0K drwxr-xr-x 2 root root 4.0K Mar 30 12:23 opt 0 dr-xr-xr-x 75 root root 0 Aug 16 2016 proc 0 drwx------ 4 root root 80 Aug 16 17:47 root 0 drwxr-xr-x 10 root root 380 Aug 16 17:36 run 12K drwxr-xr-x 2 root root 12K Mar 30 12:25 sbin 4.0K drwxr-xr-x 2 root root 4.0K Mar 30 12:23 srv 0 dr-xr-xr-x 13 root root 0 Aug 16 17:36 sys 4.0K drwxr-xr-x+ 22 root root 4.0K May 4 18:05 target 0 drwxrwxrwt 3 root root 60 Aug 16 17:38 tmp 0 drwxr-xr-x 11 root root 60 Aug 16 17:39 usr 0 drwxr-xr-x 14 root root 100 Aug 16 17:36 var 0 lrwxrwxrwx 1 root root 27 Mar 30 12:27 vmlinuz -> boot/vmlinuz-3.16.0-4-amd64 Is this the expected behavior for fai? Or did I miss a switch to deactivate the ACL for /target/ ? Other switches for ACLs weren't found by me. Thanks for your help and have a good evening, Steven <div style=\"border:0;border-bottom:1px solid black;width:100%;\"> Gesendet mit Telekom Mail <https://t-online.de/email-kostenlos> - kostenlos und sicher für alle!