How do I run the ACL changes that Server.app makes to shares from the shell?

0

I have a situation where Server.app runs for many hours, seemingly never finishing, when applying permissions on a large share.

What is the shell incantation that would apply read + write access for a specific user to an entire share?

ls -le shows the following permissions:

 0: user:admin allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity
 1: group:admin allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity
 2: user:_spotlight allow list,search,file_inherit,directory_inherit
 3: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 4: user:_spotlight allow list,search,file_inherit,directory_inherit
 5: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 6: user:_spotlight allow list,search,file_inherit,directory_inherit
 7: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 8: user:_spotlight allow list,search,file_inherit,directory_inherit
 9: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 10: user:_spotlight allow list,search,file_inherit,directory_inherit
 11: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 12: user:_spotlight allow list,search,file_inherit,directory_inherit
 13: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 14: user:_spotlight allow list,search,file_inherit,directory_inherit
 15: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 16: user:_spotlight allow list,search,file_inherit,directory_inherit
 17: user:_spotlight allow list,search,file_inherit,directory_inherit
 18: user:_spotlight allow list,search,file_inherit,directory_inherit
 19: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit

But I'm not entirely sure whether I should put together a script that mimics these kinds of permissions or whether there is a simpler, preferable way to do this.

Update: I found an interesting incantation in the background that was executed by Server.app:

/Applications/Server.app/Contents/ServerRoot/usr/share/servermgrd/bundles/servermgr_sharing.bundle/Contents/copyprivs -p /Volumes/path_to_share -f 32 -s /tmp/CopyPrivsTemp.B251lF

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>parentPath</key>
  <string>/Volumes/path_to_share</string>
  <key>status</key>
  <string>running</string>
</dict>
</plist>

Help for copyprivs:

Usage:
must be run as root

Deprecated Panther copy function:

-o <owner> : Owner name
-g <group> : Group name
-p <path>  : Path name
-m <mode>  : permissions mode in octal
Tiger propagate function:

-p <path>  : Path name
-f <flags>  : flag:
propagate UID  1 << 0
propagate GID  1 << 1
propagate ModeOwner  1 << 2
propagate ModeGroup  1 << 3
propagate ModeWorld  1 << 4
propagate ACL  1 << 5
    
asked by ylluminate 09.02.2017 - 18:28

0 answers
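
An added example, not part of the original question and not Server.app's own code: POSIX shell functions that decode the `copyprivs -f` value from its usage text, count repeated entries in an `ls -le` ACL listing like the one above, and build the macOS `chmod +a` command for one user. The function names, the `ACL_RUN` variable and the shortened sample listing are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: helper functions only, nothing runs at load time.

# Constructed sample: shortened `ls -le` ACL lines in the listing's format.
sample_acl() {
cat <<'EOF'
 0: user:admin allow list,search,readattr
 1: user:_spotlight allow list,search,file_inherit,directory_inherit
 2: user:myusername allow list,add_file,search,file_inherit,directory_inherit
 3: user:_spotlight allow list,search,file_inherit,directory_inherit
 4: user:myusername allow list,add_file,search,file_inherit,directory_inherit
 5: user:_spotlight allow list,search,file_inherit,directory_inherit
EOF
}

# Decode a copyprivs -f value with the bit names from its usage text.
decode_flags() {
    flags=$1; bit=0; out=
    for name in UID GID ModeOwner ModeGroup ModeWorld ACL; do
        if [ $(( ($flags >> $bit) & 1 )) -eq 1 ]; then
            out="${out:+$out,}$name"
        fi
        bit=$((bit + 1))
    done
    printf '%s\n' "$out"
}

# Read `ls -le` output on stdin; print "<count> <ACE>" per distinct ACE in
# first-seen order. A count above 1 is the same entry stored repeatedly.
ace_counts() {
    sed -n 's/^ *[0-9][0-9]*: //p' |
    awk '!($0 in n) { order[++k] = $0 }
         { n[$0]++ }
         END { for (i = 1; i <= k; i++) print n[order[i]], order[i] }'
}

# Add one inheritable allow ACE for a user across a tree with macOS chmod.
# Args: user, comma-separated permissions, path. Dry run by default: the
# command is echoed unless ACL_RUN (hypothetical variable) names a runner
# such as sudo.
plan_grant() {
    ${ACL_RUN:-echo} chmod -R +a \
        "user:$1 allow $2,file_inherit,directory_inherit" "$3"
}
```

With the values on this page, `decode_flags 32` prints `ACL`, and the permission list passed to `plan_grant` can be copied from the `user:myusername` entry in the listing.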
