13 $ mkdir d2 d3 d4 d5 d6 d7
14 $ touch d2/f d3/f d4/f d5/f d6/f d7/f d7/g
18 $ nfs4acl --set 'daemon:wx::allow' d4
19 $ nfs4acl --set 'daemon:d::allow' d5
20 $ nfs4acl --set 'daemon:xd::allow' d6
21 $ nfs4acl --set 'daemon:D::allow' d7/f d7/g
24 $ mkdir s2 s3 s4 s5 s6 s7
25 $ chmod +t s2 s3 s4 s5 s6 s7
26 $ touch s2/f s3/f s4/f s5/f s6/f s7/f s7/g
30 $ nfs4acl --set 'daemon:wx::allow' s4
31 $ nfs4acl --set 'daemon:d::allow' s5
32 $ nfs4acl --set 'daemon:xd::allow' s6
33 $ nfs4acl --set 'daemon:D::allow' s7/f
34 $ nfs4acl --set 'daemon:D::allow' s7/g s7/g
39 Cannot delete files without permissions:
41 > rm: cannot remove `n1/f': Permission denied
43 Can delete files we own:
46 Cannot delete files where we are in the owning group in a non-sticky directory,
47 but not in a sticky one:
49 > rm: cannot remove `s3/f': Operation not permitted
51 "Write_data/execute" access does not include delete_child access, and so this
52 is not enough for deleting:
54 > rm: cannot remove `d4/f': Permission denied
55 > rm: cannot remove `s4/f': Permission denied
57 "Delete_child" access alone also is not sufficient:
59 > rm: cannot remove `d5/f': Permission denied
60 > rm: cannot remove `s5/f': Permission denied
62 "Execute/delete_child" on the directory does allow that, though, but only in
63 a non-sticky directory:
65 > rm: cannot remove `s6/f': Operation not permitted
67 "Delete" on the child itself overrides the sticky check as well:
70 But Delete is not a subset of POSIX read/write, so chmod turns it off:
72 > rm: cannot remove `d7/g': Permission denied
73 > rm: cannot remove `s7/g': Permission denied