New install -- write-permissions not working / being updated with setfacl

Wannabe_Seasteader

New Member

Reaction score: 1
Messages: 2

Hi, I'm a BSD newbie and have been trying to tinker around with a few-month-old FreeBSD 13.0 release. The system is setup with zfs and all of the mount points (except /dev and /boot/efi) have nfsv4acls active.

I don't seem to have write or file-creation privilege in my home directory. For instance:
$ touch yo
$ mkdir somedir
and
Code:
$ cat > writesomething << "EOF"
? blah to the writesomething file
? "EOF"
all return Operation not permitted.

The output of getfacl /home/<username> is:
Code:
# file: /home/<username>
# owner: <username>
# group: <username>
      owner@rwxp--aARWcCos:-------:allow
      group@r-x---a-R-c--s:-------:allow
everyone@r-x---a-R-c--s:-------:allow
From the setfacl manpage I've been trying permutations of:
setfacl -a 0 owner@rwxpDdaARWcCos:fd----I:allow /home/<username>
and
setfacl -a 0 group@rwxpDdaARWcCos:fd----I:allow /home/<username>

But both the user and even root account are getting Operation not permitted. errors when attempting the setfacl command.

Is there something that I ineptly misconfigured at some stage of the install? I've been using the -a option for setfacl because the manpage recommends to use it instead of -m and -d for NFSv4 ACLs.
I've been using these forum posts as guidelines but haven't found a solution yet:

I want to figure out how to get write / file-creation permission and extend it to subdirectories that my user account should be able to access. Thanks in advance for any help. (I think I stumbled into this problem a few months ago, got sort of discouraged and went back to linux-related stuff -- but I'd like to get past this stumbling at this point.)
 
Last edited by a moderator:

T-Daemon

Daemon

Reaction score: 939
Messages: 1,832

I can't reproduce the error. Do you have maybe restricted write and operation permissions experimenting with ACL's?

Testing on a default Root-on-ZFS 13.0-RELEASE installation, user write permission in users home directory is allowed, setfacl(1) operations as root and user is permitted ( when executing commands: # = root, % = user ):

To inherit ACL's for files and directories in users home's on ZFS:
Code:
# zfs set aclinherit=passthrough zroot/usr/home
Default is "restricted", see zfsprops(8).

Use setfacl -m, using -a produces double ACL's.
Code:
% setfacl -m owner@:full_set:fdI:allow /usr/home/<user>
% setfacl -m group@:full_set:fdI:allow /usr/home/<user>

% getfacl /usr/home/<user>
# file: /usr/home/<user>
# owner: <user>
# group: <user>
                      owner@:rwxpDdaARWcCos:fd----I:allow
                      group@:rwxpDdaARWcCos:fd----I:allow
                  everyone@:r-x---a-R-c--s:-------:allow

% touch file0
% getfacl file0
# file:  file0
# owner: <user>
# group: <user>
                      owner@:rwxpDdaARWcCos:fd----I:allow
                      group@:rwxpDdaARWcCos:fd----I:allow

% mkdir dir0
% getfacl dir0
# file: dir0
# owner: <user>
# group: <user>
                      owner@:rwxpDdaARWcCos:fd----I:allow
                      group@:rwxpDdaARWcCos:fd----I:allow
 

T-Daemon

Daemon

Reaction score: 939
Messages: 1,832

T-Daemon
Do you have maybe restricted write and operation permissions experimenting with ACL's?
Wannabe_Seasteader
New install -- write-permissions not working / being updated with setfacl
I didn't took account the threads subject, sorry. If you don't know what ACL's you have modified on the root directory ( / ), I suggest to install the system fresh. It would be easier and faster than finding and reverting them.

After a fresh install apply instructions from post #2.
 
OP
W

Wannabe_Seasteader

New Member

Reaction score: 1
Messages: 2

I didn't took account the threads subject, sorry. If you don't know what ACL's you have modified on the root directory ( / ), I suggest to install the system fresh. It would be easier and faster than finding and reverting them.

After a fresh install apply instructions from post #2.
I think I'll give a fresh install a go... I had a acl_set_file() failed: Operation not permitted message when I attempted the setfacl one-liner after entering the suggested zfs command as root. It's likely I misconfigured things at install or shortly afterward. Thanks.
 
Top