# Grant default group permissions



## z662 (Sep 6, 2015)

I am trying to set a specific directory  (/var/shared/) to grant anyone in the "coder" group read and write access.

I thought that this command `setfacl -m u::rwx,g:coder:rw /var/shared` would do it but am wondering now if there are some issues with ZFS per this article at the very bottom: http://vladvasiliu.com/post/2013-08-17_03-setting_default_nfsv4_acls_on_freebsd.html


```
brad@mercury:/var/shared$ ls -al
total 18
drwxrw---T  2 brad  coder  4 Sep  5 22:59 .
drwxr-xr-x  25 root  wheel  25 Sep  5 22:27 ..
-rwxrw---T  1 brad  coder  4209 Sep  5 22:29 perlbot.pl
-rwxrw---T  1 brad  coder  180 Sep  5 22:29 test.pl
brad@mercury:/var/shared$ setfacl -m u::rwx,g:coder:rw /var/shared
setfacl: /var/shared: branding mismatch; existing ACL is NFSv4, entry to be merged is POSIX.1e
```

On a sidenote, I intentionally did not want to give execute perms to that directory by default in case there was an issue where a poorly written script would kick off and perhaps try to run everything in the same directory or whatever.  Is that a standard approach, and is it always preferred to manually grant +x to a file?  I imagine this would result in slightly better security.

Thanks


----------



## z662 (Sep 9, 2015)

bump


----------

