Managing Systems and Workgroups: A Guide for HP-UX System Administrators
Administering a System: Managing System Security
Managing Access to Files and Directories
Chapter 8 757
❏ find: Can identify files whose ACL entries match or include
specific ACL patterns on HFS or JFS file systems. See find (1).
❏ ls -l: The long form indicates the existence of HFS or JFS ACLs
by displaying a + after the file’s permission bits. See ls (1).
❏ mailx: Does not support optional ACL entries on /var/mail/*
files. See mailx (1).
❏ compact, compress, cp, ed, pack, unpack: Copy ACL entries to
the new files they create. See compact (1), compress (1), cp (1), ed
(1), and pack (1).
❏ frecover, fbackup: Use only these to selectively recover and
back up files. Use the -A option when backing up from an ACL
system for recovery on a system that does not support ACLs. See
frecover (1M) and fbackup (1M).
❏ ar, cpio, ftio, shar, tar, dump, restore: These programs do not
retain ACLs when archiving and restoring. They use the
st_mode value returned by stat(). See ar (1), cpio (1), ftio (1),
shar (1), tar (1), dump (1M), restore (1M), and stat (2).
❏ rcs, sccs: These packages do not support ACLs. Do not place
ACL entries on system software. See rcs (1) and sccs (1).
• HFS access control lists use additional “continuation inodes” when
creating new file systems. Consider them when using the following
programs:
❏ fsck: Returns the number of files with ACL entries as a value for
icont
. Use the -p option to clear unreferenced continuation
inodes. See fsck (1M).
❏ diskusg, ncheck: Ignore continuation inodes. See diskusg (1M)
and ncheck (1M).
❏ mkfs: Allows for continuation inodes on new disks. See mkfs
(1M).