What is the exact purpose of `mask` in file system ACL?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
0
down vote

favorite












When I apply default ACL in a directory I see default:mask or just mask in the following two scenario.



Scenario 1



-bash-4.2$ ls -ld test/
drwxr-x---. 2 test test 4096 Oct 15 19:12 test/

-bash-4.2$ setfacl -d -m u:arif:rwx test/

-bash-4.2$ getfacl --omit-header test
user::rwx
group::r-x
other::---
default:user::rwx
default:user:arif:rwx
default:group::r-x
default:mask::rwx
default:other::---


Scenario 2



-bash-4.2$ ls -dl dir/
drwxr-x---. 2 test test 4096 Oct 15 18:17 dir/

-bash-4.2$ getfacl dir
# file: dir
# owner: test
# group: test
user::rwx
group::r-x
other::---

-bash-4.2$ setfacl -m user:arif:rwx dir

-bash-4.2$ getfacl --omit-header dir
user::rwx
user:arif:rwx
group::r-x
mask::rwx
other::---


So what is the purpose of mask here?









share

























    up vote
    0
    down vote

    favorite












    When I apply default ACL in a directory I see default:mask or just mask in the following two scenario.



    Scenario 1



    -bash-4.2$ ls -ld test/
    drwxr-x---. 2 test test 4096 Oct 15 19:12 test/

    -bash-4.2$ setfacl -d -m u:arif:rwx test/

    -bash-4.2$ getfacl --omit-header test
    user::rwx
    group::r-x
    other::---
    default:user::rwx
    default:user:arif:rwx
    default:group::r-x
    default:mask::rwx
    default:other::---


    Scenario 2



    -bash-4.2$ ls -dl dir/
    drwxr-x---. 2 test test 4096 Oct 15 18:17 dir/

    -bash-4.2$ getfacl dir
    # file: dir
    # owner: test
    # group: test
    user::rwx
    group::r-x
    other::---

    -bash-4.2$ setfacl -m user:arif:rwx dir

    -bash-4.2$ getfacl --omit-header dir
    user::rwx
    user:arif:rwx
    group::r-x
    mask::rwx
    other::---


    So what is the purpose of mask here?









    share























      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      When I apply default ACL in a directory I see default:mask or just mask in the following two scenario.



      Scenario 1



      -bash-4.2$ ls -ld test/
      drwxr-x---. 2 test test 4096 Oct 15 19:12 test/

      -bash-4.2$ setfacl -d -m u:arif:rwx test/

      -bash-4.2$ getfacl --omit-header test
      user::rwx
      group::r-x
      other::---
      default:user::rwx
      default:user:arif:rwx
      default:group::r-x
      default:mask::rwx
      default:other::---


      Scenario 2



      -bash-4.2$ ls -dl dir/
      drwxr-x---. 2 test test 4096 Oct 15 18:17 dir/

      -bash-4.2$ getfacl dir
      # file: dir
      # owner: test
      # group: test
      user::rwx
      group::r-x
      other::---

      -bash-4.2$ setfacl -m user:arif:rwx dir

      -bash-4.2$ getfacl --omit-header dir
      user::rwx
      user:arif:rwx
      group::r-x
      mask::rwx
      other::---


      So what is the purpose of mask here?









      share













      When I apply default ACL in a directory I see default:mask or just mask in the following two scenario.



      Scenario 1



      -bash-4.2$ ls -ld test/
      drwxr-x---. 2 test test 4096 Oct 15 19:12 test/

      -bash-4.2$ setfacl -d -m u:arif:rwx test/

      -bash-4.2$ getfacl --omit-header test
      user::rwx
      group::r-x
      other::---
      default:user::rwx
      default:user:arif:rwx
      default:group::r-x
      default:mask::rwx
      default:other::---


      Scenario 2



      -bash-4.2$ ls -dl dir/
      drwxr-x---. 2 test test 4096 Oct 15 18:17 dir/

      -bash-4.2$ getfacl dir
      # file: dir
      # owner: test
      # group: test
      user::rwx
      group::r-x
      other::---

      -bash-4.2$ setfacl -m user:arif:rwx dir

      -bash-4.2$ getfacl --omit-header dir
      user::rwx
      user:arif:rwx
      group::r-x
      mask::rwx
      other::---


      So what is the purpose of mask here?







      linux permissions acl umask





      share












      share










      share



      share










      asked 3 mins ago









      muhammad

      509514




      509514

























          active

          oldest

          votes











          Your Answer







          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "106"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          convertImagesToLinks: false,
          noModals: false,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );













           

          draft saved


          draft discarded


















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f475698%2fwhat-is-the-exact-purpose-of-mask-in-file-system-acl%23new-answer', 'question_page');

          );

          Post as a guest



































          active

          oldest

          votes













          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes















           

          draft saved


          draft discarded















































           


          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f475698%2fwhat-is-the-exact-purpose-of-mask-in-file-system-acl%23new-answer', 'question_page');

          );

          Post as a guest













































































          Popular posts from this blog

          How to check contact read email or not when send email to Individual?

          Displaying single band from multi-band raster using QGIS

          How many registers does an x86_64 CPU actually have?