Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the '10.4: Use Access Control Lists for fine-grained control' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.4: Use Access Control Lists for fine-grained control
Authored by: brianwells on May 06, '05 02:06:13PM

I tried this with an iTunes library and ran into problems.

The library is owned by my account, but I used this new feature to give my wife's account full access to it. Then I made a symlink from her Music folder so when she launches iTunes it looks to our shared library.

Unfortunately, iTunes reports that the library is read-only and quits.

Examining the permissions from the Terminal reveals that she does have full access, so it seems that iTunes is inspecting the Unix permissions and assuming that the second account does not have rights.

Anyone else have similar problems with ACLs and iTunes or perhaps another application?



[ Reply to This | # ]
10.4: Use Access Control Lists for fine-grained control
Authored by: hughescr on May 06, '05 03:57:19PM

The ACL permissions override the unix ones -- so once you've set ACLs on the files/directories, feel free to chmod o+rwx them -- then iTunes will see that the files are "world readable" if it looks only at the unix bits, but anyone who actually tried to read the file (instead of just stat-ing it) will not be able to if they're not in the ACL.



[ Reply to This | # ]
10.4: Use Access Control Lists for fine-grained control
Authored by: kaih on May 07, '05 06:14:12AM

This sounds strange to me - iTunes (or any other app for that matter) shouldn't look at unix permissions as such, it should ask the kernel "do I have access to this file?" and the kernel will consult the ACLs (if there are any) and then the unixperms and simply reply "yes" or "no"
Have you enabled ACLs on the volume, as detailed in one of the top comments? (I forgot to include this in my hint! d'oh!)

Cheers,
Kai

---
k:.



[ Reply to This | # ]
10.4: Use Access Control Lists for fine-grained control
Authored by: ashill on May 07, '05 02:37:00PM

Have you enabled ACLs on your volume, as noted in the hints below?



[ Reply to This | # ]
I get the same error.
Authored by: trentdavies on Jun 26, '05 12:17:26AM

I can second this problem. I've been experimenting with ACL's and get the read-only error accessing iTunes from a different user.

And yes, I ran sudo fsaclctl -p / -e.

This is odd... it seems to be an iTunes issue (I haven't tried iPhoto yet, though). As if iTunes is checking the unix bits itself. I've been able to "write" to the shared directory in question from the user with ACL-only access from both the CLI and TextEdit (among others), even with the unix bits set off.

(On a side note, the Finder's "Get Info" command displays the ACL settings of the object.)



[ Reply to This | # ]
However, works in Iphoto.
Authored by: trentdavies on Jun 26, '05 01:12:15AM

I just tried using ACL's with iPhoto. It (seems to) work like a charm; I'm able to access, maniputlate, and add photos as both users -- and the other sees the same result.

This must be an issue with iTunes...



[ Reply to This | # ]