SUP(8)
NAME
sup − set UNIX-style protection
SYNTAX
/etc/sup directory ...
DESCRIPTION
Sup modifies each named directory so that new files and subdirectories created within that directory will receive UNIX-style protection. Normally, new files and directories that are created from DOMAIN/IX programs (using creat(2), open(2), mknod(2), or mkdir(2)) receive UNIX-style protection, but files and directories created by non-DOMAIN/IX programs (including the Display Manager) receive the initial (default) ACL of the directory in which they are created. The sup command arranges that all objects created in a directory to which sup has been applied will receive UNIX-style protection, i.e., owner, group and world rights based on the identity of the creating process.
EXAMPLE
To apply sup recursively to an entire directory hierarchy, type (in a Bourne shell): find directory -type d -exec sup {} \;
NOTE
The sup command should not be run on any installed software, for example, the /com, /bin, or /usr directories, since sup will nullify the initial default ACL and thereby deny the DOMAIN sys_admin account rights to those directories (and any directories created under them later). This means that a sys_admin account will be unable to update that software. In effect, you will probably not wish to use sup on directory levels higher than users’ home directories.
If you inadvertantly run sup on a directory, you can restore the initial default ACL using the id option to edacl. For example, to restore the sys_admin account to directory’s initial default ACL, use the following command. edacl -a %.sys_admin.%.% -all -id directory