I am trying to set a specific directory (/var/shared/) to grant anyone in the "coder" group read and write access.
I thought that this command
On a sidenote, I intentionally did not want to give execute perms to that directory by default in case there was an issue where a poorly written script would kick off and perhaps try to run everything in the same directory or whatever. Is that a standard approach, and is it always preferred to manually grant +x to a file? I imagine this would result in slightly better security.
Thanks
I thought that this command
setfacl -m u::rwx,g:coder:rw /var/shared would do it but am wondering now if there are some issues with ZFS per this article at the very bottom: http://vladvasiliu.com/post/2013-08-17_03-setting_default_nfsv4_acls_on_freebsd.html
Code:
brad@mercury:/var/shared$ ls -al
total 18
drwxrw---T 2 brad coder 4 Sep 5 22:59 .
drwxr-xr-x 25 root wheel 25 Sep 5 22:27 ..
-rwxrw---T 1 brad coder 4209 Sep 5 22:29 perlbot.pl
-rwxrw---T 1 brad coder 180 Sep 5 22:29 test.pl
brad@mercury:/var/shared$ setfacl -m u::rwx,g:coder:rw /var/shared
setfacl: /var/shared: branding mismatch; existing ACL is NFSv4, entry to be merged is POSIX.1eOn a sidenote, I intentionally did not want to give execute perms to that directory by default in case there was an issue where a poorly written script would kick off and perhaps try to run everything in the same directory or whatever. Is that a standard approach, and is it always preferred to manually grant +x to a file? I imagine this would result in slightly better security.
Thanks