For years I've used the strong-armed-duo of these two suckers...
sudo chmod +a "localadmin allow read,write,append,execute,\
delete,readattr,writeattr,readextattr,writeextattr,\
readsecurity,writesecurity,chown"
sudo chmod +a "localadmin allow list,search,add_file,add_subdirectory,\
delete_child,readattr,writeattr,readextattr,\
writeextattr,readsecurity,writesecurity,chown"
to, for what I figured was a recursive, and all-encompassing, whole-volume-go-ahead for each and every privilege available (for a user, localadmin
). Nice when I, localadmin
, want to "do something" without a lot of whining about permissions, etc.
The beauty is, this method obviates the necessity to change ownership / group membership, or executable bit on anything. But is it recursive? I am beginning to think, it's not. If so, how do I do THAT? And how can one check something like this? Adding this single-user to the ACL doesn't show up in the Finder, so… Alright, cheers.
Neither of those includes a target that I can see, so I'm not sure what you intend them to apply to.
The
chmod
manpage makes it pretty clear that-R
applies things recursively, otherwise they apply to the named objects and nothing else.