GhostCat GhostCat - 2 months ago 10
Linux Question

Best ways to manipulate getfacl output?

Here I figured that using "chgrp -R" resets the setuid bits on my binaries; which causes quite some grieve for our application.

Still, I have to run two commands to ensure that all things belong to a certain user; and that all things have "g+w" on them.

I think "most controlled" way of getting to that:


  1. Run getfacl and create a "textual snapshot" of the current settings

  2. Rework that file

  3. Apply with setfacl



So, I need to process a file like this:

Lines with

# group: root


should turn into

# group: whatever


and lines like

group::?-?


should become

group::?w?


Preserving the actual 'wildcard' content: what I mean is: I only want to "enable" w; and I dont want to change anything else on that line.

Example:

group::r--


gets

group::rw-


and

group::--x


becomes

group::-wx


Now I need to turn that into some bash/sed/awk thing. Can somebody help?

( I already figured the first part

sed s/'^# group: root'/'#group: nobody'/g


but struggling with the rest)

Answer

You can use sed similarly to the following examples:

echo 'group::?-?' | sed 's/\(^group::.\).\(.\)/\1w\2/'  # gives  group::?w?

echo '#group:root' | sed 's/\(^#group:\).*/\1whatever/' # gives  #group:whatever