In OS X, if you want to view the ACL information on a file, you can do so with the `-e` option of `ls`.

```
$ ls -lde app/cache
drwxrwxr-x+ 7 alanstorm staff 238 Apr 1 10:02 app/cache
 0: user:alanstorm allow add_file,delete,add_subdirectory,file_inherit,directory_inherit
 1: user:root allow add_file,delete,add_subdirectory,file_inherit,directory_inherit
 2: user:_www allow add_file,delete,add_subdirectory,file_inherit,directory_inherit
```

What's the format of the individual ACE lines? Is this documented anywhere? I couldn't find anything in the chmod or ls man pages, and most internet articles did a lot of "and there's your ACL/ACE entries" hand waving once they taught you the -e option.
I can start to guess at the meanings — the last column is obviously the individual permissions, the first is either a user or group, etc., but I don't know what the meaning of allow/deny is in OS X ACL talk, and I don't know if the 0, 1, 2 carry any semantic meaning, and (most importantly) I don't know what else I don't know. For example, there's an inherited column that shows up if a file's inherited permissions:

```
0: user:alanstorm allow add_file,delete,add_subdirectory,file_inherit,directory_inherit
```

vs.

```
0: user:alanstorm inherited allow add_file,delete,add_subdirectory,file_inherit,directory_inherit
```

This screws up straight whitespace parsing, and I'd like to know if there are other places where stuff like this pops up.
If anyone here could help clear up the individual questions I have about column 1 and column 3, or more generally describe the format, I'd appreciate it.
Long time unix user here, but I'm not really up to speed on ACL stuff. Bitmasks, chmod, pry from my cold dead hand, etc.
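
Added example, not part of the original post: a Python parser for the ACE lines shown in the question that treats `inherited` as an optional field instead of relying on whitespace column positions. The line layout is inferred from the samples above; the sample input is constructed (including the `group:everyone deny` entry), and principal names are assumed to contain no whitespace.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Layout inferred from the sample lines in the question:
#   <index>: <user|group>:<name> [inherited] <allow|deny> <perm>,<perm>,...
# Assumption: principal names contain no whitespace.
ACE_RE = re.compile(
    r"^\s*(?P<index>\d+):\s+"
    r"(?P<kind>user|group):(?P<name>\S+)\s+"
    r"(?:(?P<inherited>inherited)\s+)?"
    r"(?P<rule>allow|deny)\s+"
    r"(?P<perms>\S+)\s*$"
)

class Ace(NamedTuple):
    index: int          # position of the entry in the ACL
    kind: str           # "user" or "group"
    name: str
    inherited: bool     # True when the optional "inherited" field is present
    rule: str           # "allow" or "deny"
    perms: Tuple[str, ...]

def parse_ace(line: str) -> Optional[Ace]:
    """Parse one ACE line; return None for anything else (e.g. the ls -l row)."""
    m = ACE_RE.match(line)
    if m is None:
        return None
    return Ace(int(m["index"]), m["kind"], m["name"],
               m["inherited"] is not None, m["rule"],
               tuple(m["perms"].split(",")))

def parse_listing(text: str) -> List[Ace]:
    """Collect every ACE from `ls -le` output, skipping non-ACE lines."""
    parsed = (parse_ace(line) for line in text.splitlines())
    return [ace for ace in parsed if ace is not None]

# Constructed sample: the question's output with one entry marked inherited
# and one made-up group deny entry added.
SAMPLE = """\
drwxrwxr-x+ 7 alanstorm staff 238 Apr 1 10:02 app/cache
 0: user:alanstorm inherited allow add_file,delete,add_subdirectory,file_inherit,directory_inherit
 1: user:root allow add_file,delete,add_subdirectory,file_inherit,directory_inherit
 2: user:_www allow add_file,delete,add_subdirectory,file_inherit,directory_inherit
 3: group:everyone deny delete
"""

if __name__ == "__main__":
    for ace in parse_listing(SAMPLE):
        print(ace)
```
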