SETFACL(1) CYGWIN SETFACL(1)NAME
- Modify file and directory access control lists (ACLs)
SYNOPSISsetfacl [-r] (-f ACL_FILE | -s acl_entries) FILE...
setfacl [-r] ([-d acl_entries] [-m acl_entries]) FILE...
OPTIONS-d, --delete
delete one or more specified ACL entries
-f, --file
set ACL entries for FILE to ACL entries read from a ACL_FILE
-m, --modify
modify one or more specified ACL entries
-r, --replace
replace mask entry with maximum permissions needed for the file
group class
-s, --substitute substitute specified ACL entries for the
ACL of FILE
-h, --help
output usage information and exit
-v, --version
output version information and exit
At least one of (-d, -f, -m, -s) must be specified
DESCRIPTION
For each file given as parameter, setfacl will either replace its
complete ACL ( -s, -f), or it will add, modify, or delete ACL
entries. For more information on Cygwin and Windows ACLs, see see
ntsec /xref in the Cygwin User's Guide.
Acl_entries are one or more comma-separated ACL entries from the fol‐
lowing list:
u[ser]::perm
u[ser]:uid:perm
g[roup]::perm
g[roup]:gid:perm
m[ask]::perm
o[ther]::perm
Default entries are like the above with the additional default identi‐
fier. For example:
d[efault]:u[ser]:uid:perm
perm is either a 3-char permissions string in the form "rwx" with the
character '-' for no permission or it is the octal representation of
the permissions, a value from 0 (equivalent to "---") to 7 ("rwx"). uid
is a user name or a numerical uid. gid is a group name or a numerical
gid.
The following options are supported:
-d Delete one or more specified entries from the file's ACL. The
owner, group and others entries must not be deleted. Acl_entries to be
deleted should be specified without permissions, as in the following
list:
u[ser]:uid
g[roup]:gid
d[efault]:u[ser]:uid
d[efault]:g[roup]:gid
d[efault]:m[ask]:
d[efault]:o[ther]:
-f Take the Acl_entries from ACL_FILE one per line. Whitespace charac‐
ters are ignored, and the character "#" may be used to start a comment.
The special filename "-" indicates reading from stdin. Note that you
can use this with getfacl and setfacl to copy ACLs from one file to
another:
$ getfacl source_file | setfacl-f - target_file
Required entries are: one user entry for the owner of the file, one
group entry for the group of the file, and one other entry.
If additional user and group entries are given: a mask entry for the
file group class of the file, and no duplicate user or group entries
with the same uid/gid.
If it is a directory: one default user entry for the owner of the
file, one default group entry for the group of the file, one default
mask entry for the file group class, and one default other entry.
-m Add or modify one or more specified ACL entries. Acl_entries is a
comma-separated list of entries from the same list as above.
-r Causes the permissions specified in the mask entry to be
ignored and replaced by the maximum permissions needed for the file
group class.
-s Like -f, but substitute the file's ACL with Acl_entries speci‐
fied in a comma-separated list on the command line.
While the -d and -m options may be used in the same command, the
-f and -s options may be used only exclusively.
Directories may contain default ACL entries. Files created in a
directory that contains default ACL entries will have permissions
according to the combination of the current umask, the explicit permis‐
sions requested and the default ACL entries
Limitations: Under Cygwin, the default ACL entries are not taken into
account currently.
COPYRIGHT
Cygwin is Copyright (C) 1995-2010 Red Hat, Inc.
Cygwin is Free software; for complete licensing information, refer to:
http://cygwin.com/licensing.html
SEE ALSO
The full documentation to the Cygwin API is maintained on the web at:
http://cygwin.com/cygwin-api/cygwin-api.html
The website is updated more frequently than the man pages and should be
considered the authoritative source of information.
April 2010 SETFACL(1)
