If you’re talking about a disk that doesn’t contain a Windows installation, just use the “TAKEOWN” and “ICACLS” utilities: TAKEOWN /f “X:\” /r /d y ICACLS “X:\” /reset /T Then you can reset the ACLs to whatever you want. If it’s a disk with a Windows 2000, XP, or Server 2003 operating system installed (don’t … Read more
This is how I’ve always done it, not quite sure where I read this. In order to have most of windows ACL options on your Samba shares connected to AD you need to enable both POSIX ACLs and XATTRS: /dev/sda2 /samba ext3 user_xattr,acl 1 2 And in your smb.conf you need to enable idmapping, nt … Read more
First of all, use Set-Acl like this, as the directory path is the first positional argument: Set-Acl $directory $acl Second, you should create the user object with only one argument: $user = New-Object System.Security.Principal.NTAccount(“$domain\\$username”) UPDATE: Seems that it won’t accept the “IIS APPPOOL\AppPoolName” as an NTAccount identifier. Now, there are two ways to accomplish what … Read more
This sounds like the default mount behavior is not allowing ACLs on the filesystem. getfacl will report the normal filesystem permissions without error, but setfacl is unable to operate because the filesystem is mounted without the ACL option. You can add this in /etc/fstab or by modifying your filesystem options. Assuming you have the /home … Read more
Here’s a left-field idea.. you could “null-route” the 50 blocked IPs, by adding an “broken” route to the VPC route table for each IP. This wouldn’t prevent the traffic from the IPs hitting your infrastructure (only the NACLs and the SGs will prevent that), but it’ll prevent the return traffic from every making it “back … Read more
ls -e Print the Access Control List (ACL) associated with the file, if present, in long (-l) output. this gives a result such as… drwxr-xr-x@ 19 localadmin 646B Aug 4 00:21 APPBUNDLE 0: user:localadmin allow add_file,add_subdirectory,writeattr,writeextattr,writesecurity ⬆ ⇧ ⇶ ⬆ Personally, I have “exports” in my ~/.bash_profile export FILE_ALL=”read,write,append,execute,delete,readattr,writeattr,readextattr,writeextattr,readsecurity,writesecurity,chown” export DIR_ALL=”list,search,add_file,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,writesecurity,chown” that make such a … Read more
Yes, ACLs can do this. Ensure your filesystem is mounted with acl. To check this, type mount. You should see acl listed among other permissions, e.g. /dev/sda1 on / type ext4 (rw,errors=remount-ro,acl) If it’s not mounted with acl, open up /etc/fstab, and add acl to the list of options: # /etc/fstab: static file system information. … Read more
Use getfacl to get the default permissions from the directory and then pipe the result into setfacl to apply it. Something like this should work: getfacl -d <directory> | setfacl -R –set-file=- <directory>
The test you appear to be wanting to impose is this: A && !(B || C) …but that is not logically equivalent to what you’ve written, which is essentially this… (A && !B) || (A && !C) The logical equivalent of A && !(B || C) without using parentheses for precedence is actually this: A … Read more
It would not be convenient for you if chmod() didn’t have this behaviour. It would be highly inconvenient, because things that people traditionally expect to work on Unixes would break. This behaviour serves you well, did you but know it. It’s a shame that IEEE 1003.1e never became a standard and was withdrawn in 1998. … Read more