Most unix derivates can copy ACLs from one file to another with:
getfacl filename1 | setfacl -f - filename2
Unfortunately Mac OS X does not have the getfacl and setfacl commands, as they have rolled ACL handling into chmod. chmod -E accepts a list of ACLs on stdin, but I haven't found a command that will spit out ACLs in a suitable format on stdout. The best I have come up with is:
ls -led filename1 | tail +2 | sed 's/^ *[0-9][0-9]*: *//' | chmod -E filename2
Is there a more robust solution?
Bonus question: is there a nice way to do it in Python, without using any modules that aren't shipped with 10.6?
Best Answer
ls -e
Print the Access Control List (ACL) associated with the file, if present, in long (-l) output.this gives a result such as...
Personally, I have "exports" in my
~/.bash_profile
that make such a
chmod
possible...sudo chmod +a "allow localadmin $DIR_ALL" /APPBUNDLE
From the
chmod
man page, there is this bit of info... that hints that it may indeed be possible to do something like you describe.."ACLs are manipulated using extensions to the symbolic mode grammar. Each file has one ACL, containing an ordered list of entries. Each entry refers to a user or group, and grants or denies a set of permissions. In cases where a user and a group exist with the same name, the user/group name can be prefixed with "user:" or "group:" in order to specqify the type of name."
Also, I'll give a shout out to BatchMod, an oldie, but a goodie for ACL's, as well as TinkerToolSystem.