• Deiskos@lemmy.world
    link
    fedilink
    arrow-up
    13
    arrow-down
    1
    ·
    edit-2
    1 year ago

    I think it’s like this: what used to be group in regular permissions output is a union of group and ACL mask in ACL output. Mask sets the upper limit of what ACL can do, so if mask is rw- then it’s impossible to set a r-x ACL permission because allowing execution is not allowed.

    This seems to be more geared towards enterprise environment where it could be complicated to cleanly define groups, since you can only give access to one you might run into a problem where dept. A needs access to that directory but also person G from dept. B and person K from dept. C.

    • Eufalconimorph
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Yep, it’s basically a way to define new groups per directory. But these groups are hidden from the normal group commands!