[gpfsug-discuss] Adding to an existing GPFS ACL

[Buterbaugh, Kevin L]

Hi All,

First off, I have very limited experience with GPFS ACL’s, so please forgive me if I’m missing something obvious here.  AFAIK, this is the first time we’ve hit something like this…

We have a fileset where all the files / directories have GPFS NFSv4 ACL’s set on them.  However, unlike most of our filesets where the same ACL is applied to every file / directory in the share, this one has different ACL’s on different files / directories.  Now we have the need to add to the existing ACL’s … another group needs access.  Unlike regular Unix / Linux ACL’s where setfacl can be used to just add to an ACL (i.e. setfacl -R g:group_name:rwx), I’m not seeing where GPFS has a similar command … i.e. mmputacl seems to expect the _entire_ new ACL to be supplied via either manual entry or an input file.  That’s obviously problematic in this scenario.

So am I missing something?  Is there an easier solution than writing a script which recurses over the fileset, gets the existing ACL with mmgetacl and outputs that to a file, edits that file to add in the new group, and passes that as input to mmputacl?  That seems very cumbersome and error prone, especially if I’m the one writing the script!

Thanks…

Kevin
—
Kevin Buterbaugh - Senior System Administrator
Vanderbilt University - Advanced Computing Center for Research and Education
Kevin.Buterbaugh at vanderbilt.edu<mailto:Kevin.Buterbaugh at vanderbilt.edu> - (615)875-9633

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20190327/368fde2b/attachment.htm>