--- /dev/null
+.TH apply-default-acl 1
+
+.SH NAME
+apply-default-acl \- Apply default POSIX ACLs to files and directories.
+
+.SH SYNOPSIS
+
+\fBapply-default-acl\fR [\fB-rx\fR] \fIpath\fR [\fIpath2 ...\fR]
+
+.SH DESCRIPTION
+
+.P
+If the directory containing \fIpath\fR has a default ACL, the ACL on
+\fIpath\fR is replaced with that default. Symbolic links are not
+followed.
+
+.P
+By default, a heuristic is used to determine whether or not the
+execute bit is masked on \fIpath\fR. If \fIpath\fR is not a directory,
+and no user or group has \fBeffective\fR execute permissions on
+\fIpath\fR, then the execute bit will not masked. Otherwise, it is
+left alone. In effect we pretend that the \fBx\fR permission acts like
+the \fBX\fR (note the case difference) permission of \fBsetfacl\fR.
+
+.P
+This behavior can be modified with the \fB--no-exec-mask\fR flag.
+
+.SH OPTIONS
+
+.IP \fB\-\-recursive\fR,\ \fB\-r\fR
+Apply default ACLs recursively. This works top-down, so if directory
+\fBfoo\fR is in another directory \fBbar\fR which has a default ACL,
+then \fBbar\fR's default ACL will be applied to \fBfoo\fR before the
+contents of \fBfoo\fR are processed.
+
+.IP \fB\-\-no-exec-mask\fR,\ \fB\-x\fR
+Apply the default ACL literally; that is, don't use a heuristic to
+decide whether or not to mask the execute bit. This usually results in
+looser-than-necessary execute permissions.
projects / apply-default-acl.git / commitdiff