ACL Inheritance
The purpose of using ACL inheritance is so that a newly created file or directory can inherit the ACLs they are intended to inherit, but without disregarding the existing permissions on the parent directory.
By default, ACLs are not propagated. If you set a non-trivial ACL on a directory, it is not inherited by any subsequent directory. You must specify the inheritance of an ACL on a file or directory.
The optional inheritance flags are described in the following table.
Table 8–3 ACL Inheritance Flags|
Inheritance Flag |
Compact Inheritance Flag |
Description |
|---|---|---|
|
file_inherit |
f |
Inherit the ACL from the parent directory but only applies to the directory's files. |
|
dir_inherit |
d |
Inherit the ACL from the parent directory but only applies to the directory's subdirectories. |
|
inherit_only |
i |
Inherit the ACL from the parent directory but applies only to newly created files or subdirectories and not the directory itself. This flag requires the file_inherit flag, the dir_inherit flag, or both, to indicate what to inherit. |
|
no_propagate |
n |
Only inherit the ACL from the parent directory to the first-level contents of the directory, not the second-level or subsequent contents. This flag requires the file_inherit flag, the dir_inherit flag, or both, to indicate what to inherit. |
|
- |
N/A |
No permission granted. |
In addition, you can set a default ACL inheritance policy on a file system that is more strict or less strict by using the aclinherit file system property. For more information, see the next section.
- © 2010, Oracle Corporation and/or its affiliates