Options
On directories' permissions: x versus X
varelg
Banned Posts: 790
So the task says to create a group group01, in which members are user01, user02 and user03. And then set ACLs for the group to read and write to a directory /dir01, but user01 should only be able to read the directory.
All is clear about making the directory, including users into group01 as their secondary group, setting ACLs via setfacl as per requirements but... I was surprised to see in the solution that group was given rwX over a directory while user01 was given r-x. Why wouldn't user01 have r-X over the directory and would it make such a difference ifuser01 had r-X? Why/when to prefer X over x for directories?
All is clear about making the directory, including users into group01 as their secondary group, setting ACLs via setfacl as per requirements but... I was surprised to see in the solution that group was given rwX over a directory while user01 was given r-x. Why wouldn't user01 have r-X over the directory and would it make such a difference ifuser01 had r-X? Why/when to prefer X over x for directories?
Comments
-
Options
wolfinsheepsclothing
Member Posts: 155
"The X flag assigns permissions only to those files and directories that already have the execute access right. The Xflag is calculated on the moment when setfacl is launched, that is why it is interpreted as x in the default rules." -
Optionsvarelg
Banned Posts: 790
Thank you wolfinsheepsclothing, yes default umask for creating directories by root gives execute rights even to others (everyone can list it, only the owner can create files there), so there's already an execute permission over that directory. But then, if X is given on those files and directories with an already execute permission assigned, why not giving X to user01? Since the directory already has execute permissions?