Can I set ACLs for directories which don't exist yet, but follow a pattern?

I have a directory /opt/myapp/var where all sub-directories and files should be owned by mygroup and should be group writable. This is no problem. During installation of the app, I can do this:

prefix=/opt/myapp
chown -R :mygroup $prefix/var                   # All files are owned by mygroup
chmod -R g+w $prefix/var                        # All files group-writable
find $prefix/var -type d -exec chmod g+s {} \;  # New files inherit parent's group
find $prefix/var -type d -exec \
      setfacl -dm u::rwX,g::rwX,o::rX {} \;     # New files are 664 instead of 644
                                                # (X keeps the search bit on new sub-directories)

But my app also works with some profiles which will be created by the app, only after installation. These are in this path:

$prefix/home/<profile>/var

Is there a way for me to set up ACLs so:

  • If $prefix/home is ever created, it, and all directories that will be created under it (recursively) are created with g+s?
  • If $prefix/home/<profile>/var is ever created, it and all files that will be created under it (recursively) are created with g+rw?

It's tricky because $prefix/home doesn't exist yet, and I don't know what the value of <profile> will be when my installation script runs.

Stewart
  • Will `$prefix/home` ever contain any files or directories *other than* those matching your pattern? If not, then you should be able to create `$prefix/home` yourself in the installation script and assign it permissions similar to `$prefix/var`. The sub-directories will inherit the permissions as they are created, and so their sub-subdirectories will inherit them too. – telcoM Apr 23 '21 at 19:42
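
The approach suggested in the comment above, as an added example that is not part of the original question or comment: pre-create `$prefix/home` at install time with the setgid bit and a default ACL, then confirm that a profile tree created later inherits both. The function names, the profile name `alice` and the use of the caller's own primary group in place of `mygroup` are assumptions made so the sketch runs without root.

```shell
#!/bin/sh
# Added example. prepare_tree DIR GROUP: make DIR group-owned and setgid, and
# give it a default ACL so everything created below it later inherits both.
prepare_tree() {
    dir=$1; group=$2
    mkdir -p "$dir" || return 1
    chgrp "$group" "$dir" || return 1
    # g+s: new entries take DIR's group, and new sub-directories are setgid too.
    chmod 2775 "$dir" || return 1
    # Default ACL: copied to every new sub-directory and applied instead of the
    # creator's umask. Capital X keeps the search bit on directories.
    setfacl -dm u::rwX,g::rwX,o::rX "$dir"
}

# inherited_modes PREFIX PROFILE: create PREFIX/home/PROFILE/var and a file in
# it the way the app would later (plain mkdir, restrictive umask), then print
# "<dir mode> <file mode>" in octal.
inherited_modes() {
    (
        umask 022
        var=$1/home/$2/var
        mkdir -p "$var" && : > "$var/data" || exit 1
        echo "$(stat -c %a "$var") $(stat -c %a "$var/data")"
    )
}

# Demo on a scratch prefix. Assumption: the caller's primary group stands in
# for mygroup, and "alice" is a made-up profile name.
demo() {
    prefix=$(mktemp -d) || return 1
    prepare_tree "$prefix/home" "$(id -g)"; acl_status=$?
    modes=$(inherited_modes "$prefix" alice)
    rm -rf "$prefix"
    echo "$modes"              # 2775 664 when the default ACL was applied
    return "$acl_status"
}

if [ "${1:-}" = demo ]; then
    demo
fi
```

In a real installer the call would be `prepare_tree "$prefix/home" mygroup`, run as a user allowed to assign that group.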