site_archiver@lists.apple.com Delivered-To: darwin-dev@lists.apple.com Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:cc:message-id:from:to :in-reply-to:content-type:content-transfer-encoding:mime-version :subject:date:references:x-mailer; bh=RESpLIilQcHX9CJVXCTtW61cDtEb4A9tqRU2+hJEf24=; b=Rcf8VANZeg+SUKpJE7UIXOvRHTUiU/IC4uLw7Sfe1Iiy+N9TYMCDsgItB0BYoG2t1B xHXS6tFdOsFGv/L9H3rhCRF53pioGEBPLiFVWLMjK47+3UYwxdeDYag3F2gH1gDo8P26 2d/Kw8ZKYYaPkEcdRYbXibAt1uQM5OchIODto= Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=cc:message-id:from:to:in-reply-to:content-type :content-transfer-encoding:mime-version:subject:date:references :x-mailer; b=nQ6bkE57ApHjjNjalA+PuoFkTFm4wDq/Fx5JSYNasz90+9ko771UGE0tQHX/HP63xy Cr3dEZlwfHmHpPcL49wr92071MhQKsk2sKnvOrRM1/rtjCAExNeSE7K6GNQbdgUaN81x BAFXgWtW1qd3yra9cSpvO6NYzYHcd1pvw35Cc= Ben, Jeremy S. Albrecht http://c0dedbad.com On 20 Feb 2009, at 17:32, Benjamin Huntsman wrote: Hi all! Many thanks to all in advance!! _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.appl... Check out a program called Sandbox ( http://www.mikey-san.net/ sandbox/ ) for easy ACL work. When I have an issue similar to yours I basically set the ACL as desired on the parent directory, tell it that it's inherited from it's parent, and then propagate it to all subfolders, *then* take away the "inherited" flag from the parent folder. A bit of a round-about way to do it, but it works. This may not be the right list, but perhaps someone could point me in the right direction regarding ACL's on Mac OS X... I've got an XServe running 10.4, with an attached Xserve RAID. The raid array is running XSan, and mounted as a single volume under / Volumes. The Xserve is joined to an Active Directory domain, which it uses for authentication. The folders at the root of the XSan volume are configured as SMB shares, so that Windows clients can access them. So here's the catch... we want to have a certain group in the Active Directory domain control access to one of the folders on the Xsan volume. When the server was set up, they were using UNIX permissions (user, group, others) to configure access, which became problematic as more and more users were added to the system. Switching to ACL's after the fact though, hasn't worked very well. The Active Directory group is added in Workgroup Manager to the folder, and set to propagate, but it doesn't do so to all subfolders, especially those that were present before the change. I set up a test volume on a dmg to experiment via the command line, and found that if you set an ACL with inheritance on a folder that ALREADY contains a subfolder, the subfolder won't automatically inherit the ACL from it's parent, but all subsequently created folders or files will. So my question is, is there a way, via the command line or otherwise, to essentially tell a folder or file to "re-inherit" it's ACL list from it's parent? I can do 'chmod -R +a "<acl>" folder', but that's not what we're after... -Ben This email sent to site_archiver@lists.apple.com