Server.app가 쉘에서 공유하는 ACL 변경을 실행하는 방법은 무엇입니까? allow list,search,file_inherit,directory_inherit 19:

큰 공유에 권한을 적용 할 때 Server.app가 여러 시간 동안 작동하지만 끝나지 않는 것처럼 보입니다.

전체 공유에 대해 특정 사용자에게 읽기 + 쓰기 액세스 권한을 부여하는 셸 주문은 무엇입니까?

ls -le 다음 권한을 보여줍니다.

 0: user:admin allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity
 1: group:admin allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity
 2: user:_spotlight allow list,search,file_inherit,directory_inherit
 3: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 4: user:_spotlight allow list,search,file_inherit,directory_inherit
 5: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 6: user:_spotlight allow list,search,file_inherit,directory_inherit
 7: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 8: user:_spotlight allow list,search,file_inherit,directory_inherit
 9: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 10: user:_spotlight allow list,search,file_inherit,directory_inherit
 11: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 12: user:_spotlight allow list,search,file_inherit,directory_inherit
 13: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 14: user:_spotlight allow list,search,file_inherit,directory_inherit
 15: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 16: user:_spotlight allow list,search,file_inherit,directory_inherit
 17: user:_spotlight allow list,search,file_inherit,directory_inherit
 18: user:_spotlight allow list,search,file_inherit,directory_inherit
 19: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit

그러나 이러한 종류의 권한을 모방하는 스크립트를 조립 해야하는지 또는 더 간단하고 바람직한 방법이 있는지 확실하지 않습니다.

업데이트 : Server.app에 의해 실행 된 백그라운드에서 흥미로운 주문이 진행 중임을 발견했습니다.
/Applications/Server.app/Contents/ServerRoot/usr/share/servermgrd/bundles/server mgr_sharing.bundle/Contents/copyprivs -p /Volumes/path_to_share -f 32 -s /tmp/CopyPrivsTemp.B251lF

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>parentPath</key>
  <string>/Volumes/path_to_share</string>
  <key>status</key>
  <string>running</string>
</dict>
</plist>

에 대한 도움말 copyprivs:

Usage:
must be run as root

Deprecated Panther copy function:

-o <owner> : Owner name
-g <group> : Group name
-p <path>  : Path name
-m <mode>  : permissions mode in octal
Tiger propagate function:

-p <path>  : Path name
-f <flags>  : flag:
propagate UID  1 << 0
propagate GID  1 << 1
propagate ModeOwner  1 << 2
propagate ModeGroup  1 << 3
propagate ModeWorld  1 << 4
propagate ACL  1 << 5



답변