KatolaZ wrote:
Joel Roth wrote:

> > You can also join the user to the kvm group:
> >
> > ls -l /dev/kvm
> >
> > crw-rw----+ 1 root kvm 10, 232 May 11 11:02 /dev/kvm
> >
> > btw, 'c' means character mode device. Does anyone know what
> > the '+' suffix means, and how you set it?
> >
>
> The "+" means that you have an ACL (Access Control List) set for that
> file. You manage ACLs with setfacl and getfacl.

Interesting, because of the ACL settings I didn't need to
use root nor join the kvm group:

$ getfacl /dev/kvm
getfacl: Removing leading '/' from absolute path names
# file: dev/kvm
# owner: root
# group: kvm
user::rw-
user:jroth:rw-
group::rw-
mask::rw-
other::---

I hope these ACLs are used sparingly in Devuan/Debian. The permissions model
itself has taken a long time for me to grok.

Hmm, so why do files like /etc/apt/sources.list have ACLs?
Oh, I see they change automagically when permissions change.
Guess I'll look for a tutorial somewheres.

I'd thought ACL was something I could ignore, like selinux,
without consequence.

I think of the analogy with the suprise nay frustration I
faced when settings in /etc/someapp not working as expected
because of stuff in /etc/default/someapp I hadn't known
about.

cheers,

Joel

> HND
>
> KatolaZ
>
> --
> [ Enzo Nicosia aka KatolaZ --- GLUG Catania -- Freaknet Medialab ]
> [ me [at] katolaz.homeunix.net -- http://katolaz.homeunix.net -- ]
> [ GNU/Linux User:#325780/ICQ UIN: #258332181/GPG key ID 0B5F062F ]
> [ Fingerprint: 8E59 D6AA 445E FDB4 A153 3D5A 5F20 B3AE 0B5F 062F ]

--
Joel Roth