Add a modifyonly parameter to stop the default acl being applied all the time

[liuzhen2008]

The second -m d:<% p %> is not really needed since we can just set

parameter => u:userX:rwx,d:u:userX:rwx

[thias]

I think I understand what you mean, but I'm not sure I understand why you want this change.

Having the default ACL (for directories) set with the same rules as the main ACL is what I have always wanted, and when applying recursively, I can't conceive a case where that wouldn't be wanted.

If what you want is to have to explicitly set the default ACL with the same rules as the main ACL, it seems like useless overhead to me.

If what you're after is a way of disabling setting default ACLs, then why not, but in this case I'd be curious to hear about a real use case, and the parameter should have a more explicit name, as $modifyonly ... well... I don't get it :-) Maybe $nodefaultacl instead?

Next possibility, you just wanted to group the two in a single parameter... then :

-ACLOPTS[<%= f %>]+="<% @permissions.flatten.each do |p| %> -m <%= p %> -m d:<%= p %><% end %>"
+ACLOPTS[<%= f %>]+="<% @permissions.flatten.each do |p| %> -m <%= p %>,d:<%= p %><% end %>"

...and done!

Last possibility, you really wanted something that did $modifyonly, but in this case the parameter should be disabling the setfacl -x in order to not ''purge/reset'' the ACLs, and only modify them.

[liuzhen2008]

Hi, in my case I only want to set the default ACL while not applying(or changing) the main ACL.

I use a software to monitor of all my logs.

If I give readOnly access to this user for a given directory, then the (main) ACL will prevent it from opening up the directory. On the other hand I don't want to give both read and execute permissions.

So i have to remove either -m <% p %> or -m d:<% p %>. I chose the latter since only one -m is enough to do everything anyway. I added the if statement there so that it doesn't break for other users.

Maybe i am not understanding this whole ACL very clearly. Is there another way around? Thanks.