doc/man/apply-default-acl.1

   1 .TH apply-default-acl 1
   2
   3 .SH NAME
   4 apply-default-acl \- Apply default POSIX ACLs to files and directories.
   5
   6 .SH SYNOPSIS
   7
   8 \fBapply-default-acl\fR [\fB-rx\fR] \fIpath\fR [\fIpath2 ...\fR]
   9
  10 .SH DESCRIPTION
  11
  12 .P
  13 If the directory containing \fIpath\fR has a default ACL, the ACL on
  14 \fIpath\fR is replaced with that default. Neither symbolic nor hard
  15 links are followed; symbolic links are ignored in all path components
  16 to avoid a dangerous race condition.
  17
  18 .P
  19 By default, a heuristic is used to determine whether or not the
  20 execute bit is masked on \fIpath\fR. If \fIpath\fR is not a directory,
  21 and no user or group has \fBeffective\fR execute permissions on
  22 \fIpath\fR, then the execute bit will not masked. Otherwise, it is
  23 left alone. In effect we pretend that the \fBx\fR permission acts like
  24 the \fBX\fR (note the case difference) permission of \fBsetfacl\fR.
  25
  26 .P
  27 This behavior can be modified with the \fB--no-exec-mask\fR flag.
  28
  29 .SH OPTIONS
  30
  31 .IP \fB\-\-recursive\fR,\ \fB\-r\fR
  32 Apply default ACLs recursively. This works top-down, so if directory
  33 \fBfoo\fR is in another directory \fBbar\fR which has a default ACL,
  34 then \fBbar\fR's default ACL will be applied to \fBfoo\fR before the
  35 contents of \fBfoo\fR are processed.
  36
  37 .IP \fB\-\-no-exec-mask\fR,\ \fB\-x\fR
  38 Apply the default ACL literally; that is, don't use a heuristic to
  39 decide whether or not to mask the execute bit. This usually results in
  40 looser-than-necessary execute permissions.