I work on a CentOS 7 server where I frequently have to manually grant specific users access to specific files or directories. We do this using file ACLs, but I often run into an issue where I have set the ACLs on the file, but the user still cannot access it because they don't have permission to cd into the directory containing the file and/or any number of its parent directories. What follows is a tedious process of:
- determining which specific directory or directories the user needs to be granted access to in order to actually give them access to the file; and
- determining whether granting access to those directories might accidentally give them access to something else they aren't supposed to access, and making any appropriate adjustments to fix this.
Step 2 represents unavoidable complexity of the situation, but it should at least be possible to automate step 1. Specifically, given a user ID and a path to an existing file, is there a way I can get a full list of which directories along that path are not currently accessible to that user?
0 Answers