46

We use a hosting server of FreeBSD 10.3, where we don't have the authority to be a superuser. We use the server to run apache2 for web pages of our company. The previous administrator of our web pages appeared to set an ACL permission to a directory, but we want to remove it. Let us say the directory is called foobar.

Now the result of ls -al foobar is as follows:

drwxrwxr-x+   2 myuser  another_user   512 Nov 20  2013 foobar

And the permission is as follows:

[myuser@hosting_server]$ getfacl foobar
# file: foobar/
# owner: myuser
# group: another_user
user::rwx
group::rwx
mask::rwx
other::r-x

Here we want to remove the ACL permission and the plus sign at the last of the permission list. Therefore, we did

setfacl -b foobar

It eliminated the special permission governed by the ACL, but didn't erase the plus sign+.

Our question is how can we erase the plus sign+ in the permission list, shown by 'ls -al foobar'?

Taiki Bessho
  • 1,085
  • 1
  • 9
  • 14

2 Answers2

49

Our problem was resolved by using:

setfacl -bn foobar

The point was we also had to remove the aclMask from the directory with an option -n... The man page of setfacl says as follows:

 -n      Do not recalculate the permissions associated with the ACL mask
         entry.  This option is not applicable to NFSv4 ACLs.

We're not sure why this option worked, but it did...

In case you get d????????? permission after the above solution, try chmod -R a+rX as two commented below.

Taiki Bessho
  • 1,085
  • 1
  • 9
  • 14
14

You should try using recursive option.

setfacl -R -b foobar

There is no need for -n option

Ajitabh Pandey
  • 186
  • 1
  • 4