Specifications

The ACL Use Model
The ACL use model focuses on access control at the folder level, with most ACLs
applied to les as the result of inheritance.
Folder-level control determines which users have access to the contents of a folder.
Inheritance determines how a defined set of permissions and rules pass from the
container to the objects in it.
Without use of this model, administration of access control would quickly become
a nightmare: you would need to create and manage ACLs on thousands or millions
of les.
In addition, controlling access to les through inheritance frees applications from
maintaining extended attributes or explicit ACEs when saving a le because the
system applies inherited ACEs to les. For information about explicit ACEs, see Explicit
and Inherited ACEs on page 23.
ACLs and Standard Permissions
You can set ACL permissions for files and folders in addition to standard permissions.
For more information about how Mac OS X Server uses ACL and standard permissions
to determine what users can and cannot do to a file or folder, see “Rules of
Precedence” on page 26.
ACL Management
In Mac OS X Server, you create and manage ACLs in the Permissions pane of File
Sharing in Server Admin. The Get Info window in Finder displays the logged-in user’s
effective permissions. For information about setting up and managing ACLs, see
“Setting ACL Permissions” on page 38 and “Managing Share Point Access Privileges” on
page 50.
In addition to using Server Admin to set and view ACL permissions, you can also use
the ls and chmod command-line tools. For more information, see the corresponding
man pages and Introduction to Command-Line Administration.
You dene ACLs for share points, les, and folders using Server Admin.
Supported Volume Formats and Protocols
Only HFS+ provides local file system support for ACLs. In addition, only SMB and
AFP provide network file system support for ACLs in Windows and Apple networks,
respectively.
Access Control Entries (ACEs)
An ACE is an entry in an ACL that specifies, for a group or a user, access permissions to
a file or folder, and the rules of inheritance.
22 Chapter 2 Setting Up File Service Permissions