Unsolved
This post is more than 5 years old
2 Intern
•
467 Posts
0
1946
Cloning Windows/Unix permissions from one file to another file
The other day, as part of a migration process, a user somehow managed to remove permissions for a whole mess of files on an Isilon SMB share. The windows admins didn't haver permissions to access the files since it had zero permissions whatsoever. I started to use setfacl and getfacl to clone the ACL permissions, but getting setfacl to work with stdin wasn't cooperating (and it's deprecated) so i did what it is I do - wrote a perl script.
You pass it two arguments, and and it clones the unix and windows permissions from one to the other. It's a nice tool to have in our toolbox, if you're interested you can download it on my blog here.
Mark
dynamox
2 Intern
2 Intern
•
20.4K Posts
0
March 20th, 2013 21:00
this is very useful, if i get locked out i reset SMB directory owner using chown -R -s DOMAIN\\username
cincystorage
2 Intern
2 Intern
•
467 Posts
0
March 21st, 2013 04:00
What is the -s option?
cincystorage
2 Intern
2 Intern
•
467 Posts
0
March 21st, 2013 05:00
I do chmod without -s using domain users all the time, I just put it in double quotes...
chown "domain\cincystorage" file works.. at least on my 6.5.5.11 vm
cincystorage
2 Intern
2 Intern
•
467 Posts
0
March 21st, 2013 05:00
What version are you running. Did it happen to actually work and just throw a warning?
dynamox
2 Intern
2 Intern
•
20.4K Posts
0
March 21st, 2013 05:00
6.5.5.12 ..it does not change owner, i have to add -s
dynamox
2 Intern
2 Intern
•
20.4K Posts
0
March 21st, 2013 05:00
they way i understand it you have to use -s whenever you specify domain account, if were to specify uid for that account i would not have to use -s
dynamox
2 Intern
2 Intern
•
20.4K Posts
0
March 21st, 2013 05:00
does not work for me
isilon1-2# chown -R "MYDOMAIN\\dynamox" NewFolder
WARNING: 'MYDOMAIN\\dynamox' is a special identity. It is recommended to use the -s flag when setting a special identity. See chown(1) for more information.
cincystorage
2 Intern
2 Intern
•
467 Posts
0
March 21st, 2013 06:00
All Glory to the Dynamox Entity!
cincystorage
2 Intern
2 Intern
•
467 Posts
0
March 21st, 2013 06:00
Ha! Captain Awesome!
RRR
2 Intern
2 Intern
•
5.7K Posts
0
March 21st, 2013 06:00
You cannot change the Dynamox entity! You of all people should know that!
cincystorage
2 Intern
2 Intern
•
467 Posts
0
March 21st, 2013 06:00
isilon-1# ls -als cp_perms.zip
26 -rwxrwx--x + 1 DOMAIN\cincystorage DOMAIN\cincygroup 1095 Mar 20 23:19 cp_perms.zip
isilon-1# chown "DOMAIN\notmark" cp_perms.zip
isilon-1# ls -als cp_perms.zip
50 -rwxrwx--x + 1 DOMAIN\notmarkDOMAIN\cincygroup 1095 Mar 20 23:19 cp_perms.zip
isilon-1#
I'm at 6.5.5.11 at the moment... Strange!
dynamox
2 Intern
2 Intern
•
20.4K Posts
0
March 21st, 2013 06:00
we need to give Mark a nickname ..cause Mark is just too simple. How about "The Automator" ?
RRR, welcome to Isilon forums ..glad you could stop by, cup of tea, vino ?
cincystorage
2 Intern
2 Intern
•
467 Posts
0
March 21st, 2013 07:00
It's basketball day (holy day of obligation) here for me...big local event... good excuse to go to the bar
RRR
2 Intern
2 Intern
•
5.7K Posts
0
March 21st, 2013 07:00
Yeah, wine would do! I'm out of the office now anyway! Time to go home that is
dynamox
2 Intern
2 Intern
•
20.4K Posts
0
March 21st, 2013 07:00
what ? 3pm and you are going home ..banker's hours ?