[OpenAFS] Windows app to recursively apply ACLs - AFSACL

Russ Allbery eagle@eyrie.org
Fri, 09 May 2014 09:01:06 -0700

Jeffrey Altman <jaltman@your-file-system.com> writes:

> In addition, the recursive behavior crosses volume boundaries because it
> is unaware of mount points and symlinks.  The side effect of this tool
> is that it will add/modify the specified user/group to the ACL of every
> object that can be reached as a subdirectory.  It will not follow the
> behavior of Windows that when applying recursive security permissions
> that the permissions on the children object must match those set on the
> parent.

There are various safeguards built into the UNIX version of the same tool
(fsr) available as part of afs-admin-tools:


That might be worth looking at as an example for some approaches to some
of these problems, although of course it doesn't follow Windows semantics.

Russ Allbery (eagle@eyrie.org)              <http://www.eyrie.org/~eagle/>