1

У меня проблема с множеством дубликатов в назначениях ACL для различных файлов и папок. Я не буду вдаваться в подробности того, как или почему это произошло (мы можем поблагодарить Server.app ошибки), но суть в том, что у меня сейчас есть много тысяч файлов и папок с такими атрибутами:

$ ls -le:

dr-xr-x---+    4 myusername  staff           4 Sep 16  2016 tmp
 0: user:_spotlight allow list,search,file_inherit,directory_inherit
 1: user:_spotlight allow list,search,file_inherit,directory_inherit
 2: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 3: user:_spotlight allow list,search,file_inherit,directory_inherit
 4: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 5: user:_spotlight allow list,search,file_inherit,directory_inherit
 6: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 7: user:_spotlight allow list,search,file_inherit,directory_inherit
 8: user:_spotlight allow list,search,file_inherit,directory_inherit
 9: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 10: user:_spotlight allow list,search,file_inherit,directory_inherit
 11: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 12: user:_spotlight allow list,search,file_inherit,directory_inherit
 13: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 14: user:_spotlight allow list,search,file_inherit,directory_inherit
 15: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 16: user:_spotlight allow list,search,file_inherit,directory_inherit
 17: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 18: user:_spotlight allow list,search,file_inherit,directory_inherit
 19: user:_spotlight allow list,search,file_inherit,directory_inherit
 20: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 21: user:_spotlight allow list,search,file_inherit,directory_inherit
 22: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 23: user:_spotlight allow list,search,file_inherit,directory_inherit
 24: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 25: user:_spotlight allow list,search,file_inherit,directory_inherit
 26: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 27: user:_spotlight allow list,search,file_inherit,directory_inherit
 28: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 29: user:_spotlight allow list,search,file_inherit,directory_inherit
 30: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 31: user:_spotlight allow list,search,file_inherit,directory_inherit
 32: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 33: user:_spotlight allow list,search,file_inherit,directory_inherit
 34: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 35: user:_spotlight allow list,search,file_inherit,directory_inherit
 36: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 37: user:_spotlight allow list,search,file_inherit,directory_inherit
 38: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 39: user:_spotlight allow list,search,file_inherit,directory_inherit
 40: user:_spotlight allow list,search,file_inherit,directory_inherit
 41: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 42: user:_spotlight allow list,search,file_inherit,directory_inherit
 43: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 44: user:_spotlight allow list,search,file_inherit,directory_inherit
 45: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 46: user:_spotlight allow list,search,file_inherit,directory_inherit
 47: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 48: user:_spotlight allow list,search,file_inherit,directory_inherit
 49: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 50: user:_spotlight allow list,search,file_inherit,directory_inherit
 51: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 52: user:_spotlight allow list,search,file_inherit,directory_inherit
 53: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 54: user:_spotlight allow list,search,file_inherit,directory_inherit
 55: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 56: user:_spotlight allow list,search,file_inherit,directory_inherit
 57: user:_spotlight allow list,search,file_inherit,directory_inherit
 58: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 59: user:_spotlight allow list,search,file_inherit,directory_inherit
 60: user:_spotlight allow list,search,file_inherit,directory_inherit
 61: user:_spotlight allow list,search,file_inherit,directory_inherit
 62: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 63: user:_spotlight allow list,search,file_inherit,directory_inherit
 64: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 65: user:_spotlight allow list,search,file_inherit,directory_inherit
 66: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 67: user:_spotlight allow list,search,file_inherit,directory_inherit
 68: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 69: user:_spotlight allow list,search,file_inherit,directory_inherit
 70: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 71: user:_spotlight allow list,search,file_inherit,directory_inherit
 72: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 73: user:_spotlight allow list,search,file_inherit,directory_inherit
 74: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 75: user:_spotlight allow list,search,file_inherit,directory_inherit
 76: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 77: user:_spotlight allow list,search,file_inherit,directory_inherit
 78: user:_spotlight allow list,search,file_inherit,directory_inherit
 79: user:_spotlight allow list,search,file_inherit,directory_inherit
 80: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 81: user:_spotlight allow list,search,file_inherit,directory_inherit
 82: user:_spotlight allow list,search,file_inherit,directory_inherit
 83: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 84: user:_spotlight allow list,search,file_inherit,directory_inherit
 85: user:_spotlight allow list,search,file_inherit,directory_inherit
 86: user:_spotlight allow list,search,file_inherit,directory_inherit
 87: user:_spotlight allow list,search,file_inherit,directory_inherit
 88: user:_spotlight allow list,search,file_inherit,directory_inherit
 89: user:_spotlight allow list,search,file_inherit,directory_inherit
 90: user:_spotlight allow list,search,file_inherit,directory_inherit
 91: user:_spotlight allow list,search,file_inherit,directory_inherit
 92: user:_spotlight allow list,search,file_inherit,directory_inherit
 93: user:_spotlight allow list,search,file_inherit,directory_inherit
 94: user:_spotlight allow list,search,file_inherit,directory_inherit
 95: user:_spotlight allow list,search,file_inherit,directory_inherit
 96: user:_spotlight allow list,search,file_inherit,directory_inherit
 97: user:_spotlight allow list,search,file_inherit,directory_inherit
 98: user:_spotlight allow list,search,file_inherit,directory_inherit
 99: user:_spotlight allow list,search,file_inherit,directory_inherit
 100: user:_spotlight allow list,search,file_inherit,directory_inherit
 101: user:_spotlight allow list,search,file_inherit,directory_inherit
 102: user:_spotlight allow list,search,file_inherit,directory_inherit
 103: user:_spotlight allow list,search,file_inherit,directory_inherit
 104: user:_spotlight allow list,search,file_inherit,directory_inherit
 105: user:_spotlight allow list,search,file_inherit,directory_inherit
 106: user:_spotlight allow list,search,file_inherit,directory_inherit
 107: user:_spotlight allow list,search,file_inherit,directory_inherit
 108: user:_spotlight allow list,search,file_inherit,directory_inherit
 109: user:_spotlight allow list,search,file_inherit,directory_inherit
 110: user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit

В итоге получается, что здесь есть только два задания:

  • user:_spotlight allow list,search,file_inherit,directory_inherit
  • user:myusername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit

Я могу разорвать все эти атрибуты примерно так (я использую find чтобы убедиться, что я не схожу с ума, так как он работает часами, и я хочу быть уверен, что он все еще работает против зависания):

sudo find $PATH -print -exec /bin/chmod -vv -h -N {} \; -exec /bin/chmod -vv -R -L -N {} \;

Но это просто удаляет все. Поскольку здесь происходит совместное использование, могу ли я просто уничтожить все эти ACL-списки и заставить все нормально работать с совместным использованием SMB в macOS, или мне нужно по крайней мере применить некоторый минимальный набор ACL, например, chmod -R +a "user:mysuername allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit" $PATH?

0