[CentOS] Default ACL question (EXECUTE BIT)

Fri Oct 30 13:31:32 UTC 2009
Ross Walker <rswwalker at gmail.com>

On Oct 30, 2009, at 7:13 AM, Jorge Fábregas <jorge.fabregas at gmail.com>  
wrote:

> On Thursday 29 October 2009 10:32:30 pm nate wrote:
>> It's been eons since I played with acls, but I thought you can
>> only view acls via getfacl(or other similar commands) ls -l doesn't
>> do anything to show acls, only unix-style permissions.
>
> Hello nate,
>
> Yes, I use getfacl to see the ACLs but in this case I used a  
> "default ACL"
> that sets "regular permissions" on new files and thus any new file  
> won't have
> actually an ACL. In my case, the new file looks like:
>
> -rw------- 1 joe joe 0 Oct 29 21:14 testFile.txt
>
> If It had any ACL on it... a plus sign would appear at the end of the
> permission bits, like this:
>
> -rw-------+ 1 joe joe 0 Oct 29 21:14 testFile.txt

Umask always applies on the top-level unix perms. The 077 mask is  
sensible here, making the owner the only one with access if the ACL is  
clobbered.

The + means there are ACLs/xattrs below, you need to use getfacl to  
see them.

-Ross