• @Deiskos
    link
    12
    edit-2
    1 year ago

    I think it’s like this: what used to be group in regular permissions output is a union of group and ACL mask in ACL output. Mask sets the upper limit of what ACL can do, so if mask is rw- then it’s impossible to set a r-x ACL permission because allowing execution is not allowed.

    This seems to be more geared towards enterprise environment where it could be complicated to cleanly define groups, since you can only give access to one you might run into a problem where dept. A needs access to that directory but also person G from dept. B and person K from dept. C.

    • @[email protected]
      link
      fedilink
      11 year ago

      Yep, it’s basically a way to define new groups per directory. But these groups are hidden from the normal group commands!