How do I change ACL permissions on DartFS?

DartFS does not have standard POSIX permissions, rather it uses Access Control Lists (ACL), which has a more sophisticated and comprehensive rules. An ACL in NFSv4 is a list of rules setting permissions on files or directories. A permission rule, or Access Control Entry (ACE), is of the form type:flags:principle:permissions .

Commonly used entries for these fields are:

  • type: A (allow) or D (deny)
  • flags: g (group), d (directory-inherit), f (file-inherit), n (no-propagate-inherit), or i (inherit-only)
  • principle: a named user (, a group, or one of three special principles: OWNER@, GROUP@, and EVERYONE@.
  • permissions: there are 14 permission characters, as well as the shortcuts R, W, and X.

To see the actual permissions on Dartfs we now need to use nfs4_getfacl and nfs4_setfacl . RC has a useful command for getting a quick summary.

listacl -v /some/path

Here is an example for how to give read/write/execute permissions recursively to a
directory tree for a specific group (e.g., rc-DBIC).

nfs4_setfacl -R -a "A:fd:GROUP@:RWX" DIRECTORY_NAME

The ‘RWX’ is alias for ‘rctncy’, which is what ‘listacl’ and ‘nfs4_getfacl’
will show you, and now ‘ls -l’ will show group rwx.