Re: clone ACL permissions

To: debian-user@lists.debian.org
Cc: <adamw@matrixscience.com >
Subject: Re: clone ACL permissions
From: "Thomas Schmitt" <scdbackup@gmx.net>
Date: Tue, 23 Jul 2019 13:20:33 +0200
Message-id: <[🔎] 20741697550525211651@scdbackup.webframe.org>
In-reply-to: <[🔎] 9159fc6c-25a2-769f-2078-23589a257ca4@matrixscience.com>
References: <[🔎] 9159fc6c-25a2-769f-2078-23589a257ca4@matrixscience.com>

Hi,

consider this from man setfacl:

   --restore=file
       Restore a permission backup created by `getfacl -R' or similar. All
       permissions of a complete directory subtree are restored using this
       mechanism. If the input contains owner comments or group  comments,
       setfacl  attempts  to  restore  the  owner and owning group. If the
       input contains flags comments (which define the setuid, setgid, and
       sticky bits), setfacl sets those three bits accordingly; otherwise,
       it clears them. This option cannot  be  mixed  with  other  options
       except `--test'.

You could write a program which reads the text blocks in the getfacl -R
file and only writes those to a new file, which contain lines other than
the chmod-related "user::", "group::", "other::".
This would curb the eagerness of setfacl --restore to the files which
really need it.

Depending on your situation. some manipulation of the file paths in the -R
file might be necessary.

(And of course you urgently need a backup of your ACLs. If your favorite
 backup tool does not record them, consider to run getfacl -R and to
 include the resulting file in your backup.)


Have a nice day :)

Thomas

Reply to:

Follow-Ups:
- Re: clone ACL permissions
  - From: Adam Weremczuk <adamw@matrixscience.com>

References:
- clone ACL permissions
  - From: Adam Weremczuk <adamw@matrixscience.com>

Prev by Date: clone ACL permissions
Next by Date: Re: clone ACL permissions
Previous by thread: clone ACL permissions
Next by thread: Re: clone ACL permissions
Index(es):
- Date
- Thread