Coming from a long history of being a Linux user, I've had plenty of familiarity with using
setfacl to modify how the system behaved around particular files. After a few years of using SmartOS, I'm rather happy to have found out that Sun appears to have folded all of this functionality into their
chmod. A brief read through the man page will likely be a much better-written experience, but for now, here are the highlights.
Unfortunately, this version of
chmod is now only available in the Global Zone, as the GNU version of
chmod is being used in SmartMachine zones.
Absolute & Symbolic Mode
chmod does everything you'd expect
chmod to do, namely changing the absolute file modes for the standard user, group, and everyone else.
In addition to standard behavior, chmod also allows for the setting of ACL permissions, ie:
chmod A+user:admin:rwx ./filegrants the user
adminthe full set of permissions on
chmod A+group:nobody:r ./filegrants the group
nobodyread access to
NFSv4 style ACLs are also supported, which have much finer grained permissions. This is excellently documented in the man pages, so I will keep this section short by just pointing in that direction.
The part that caused me to take note enough to write a blog post on it, attribute operation is
chattr like functionality. It's actually quite poorly documented, which is why we're going to focus on that for a bit.
Hremoves a file from the directory listing of the directory it resides in.
Rfile cannot be written to (cannot change or append)
ufile cannot be unlinked.
imakes a file completely immutable (cannot change, append, truncate, or unlinked.)
acan only append to an existing file.
dfile will not be included in a filesystem dump.
qfile has been quarantined by the antivirus subsystem.
mfile has been modified by the antivirus subsystem.
sdoes not apply to ZFS file systems, as sparsity is standard.