Re: [Acl-devel] Man page patch for setfacl

[Andreas Grünbacher]

2018-01-22 16:37 GMT+01:00 Michael Orlitzky <address@hidden>:
> On 01/22/2018 09:20 AM, Kenneth Dsouza wrote:
>>
>> In my humble opinion, it is better to document this behaviour as most
>> of the modern distros have stopped the creation of numeric usernames.
>> Changing the code is complex and it would break other condition. As we
>> will need a new option for the above case.
>>
>
> Let me muddy the waters a bit =)
>
> It looks like the patch is actually correct according to the draft
> standard. I don't know if there's an official spin laying around
> somewhere, but I found a copy here:
>
> http://wt.tuxomania.net/publications/posix.1e/download/Posix_1003.1e-990310.ps.gz
>
> On page 51, it says,
>
>   If the uid value does not match a user name, then the ACL entry shall
>   specify the access permissions granted to the user ID matching the
>   numeric uid value.
>
> (And the same thing goes for groups.) So copying coreutils would more
> closely follow the standard, at the expense of backwards compatibility.

Take a look at the chown and chgrp utilities, which behave the same
way as setfacl does today. There's nothing wrong with that. If you
create all-numeric user names, you deserve all the troubles you've
been asking for.

Andreas