X-Git-Url: https://git.openafs.org/?p=openafs.git;a=blobdiff_plain;f=doc%2Fman-pages%2Fpod1%2Ffs_setacl.pod;h=ec437023eebb606ce9304b2f9c4b92dd186fc14f;hp=1eb9ce0f8c88671dd8a0046edc2a920417b0bcaa;hb=3960a5ff1cfef0c3f6adfe6cf602b8c80078ce7d;hpb=03b9fcc8834bfaaac069b27c0cd919934b68e833

diff --git a/doc/man-pages/pod1/fs_setacl.pod b/doc/man-pages/pod1/fs_setacl.pod
index 1eb9ce0..ec43702 100644
--- a/doc/man-pages/pod1/fs_setacl.pod
+++ b/doc/man-pages/pod1/fs_setacl.pod
@@ -4,15 +4,21 @@ fs setacl - Sets the ACL for a directory
 
 =head1 SYNOPSIS
 
-B<fs setacl> B<-dir> <I<directory>>+ B<-acl> <I<access list entries>>+  
+=for html
+<div class="synopsis">
+
+B<fs setacl> S<<< B<-dir> <I<directory>>+ >>> S<<< B<-acl> <I<access list entries>>+ >>>
     [B<-clear>] [B<-negative>] [B<-id>] [B<-if>] [B<-help>]
 
-B<fs sa> B<-d> <I<directory>>+ B<-a> <I<access list entries>>+  
-    [B<-c>] [B<-n>] [B<-id>] [B<-if>] [B<-h>] 
-      
-B<fs seta> B<-d> <I<directory>>+ B<-a> <I<access list entries>>+  
+B<fs sa> S<<< B<-d> <I<directory>>+ >>> S<<< B<-a> <I<access list entries>>+ >>>
+    [B<-c>] [B<-n>] [B<-id>] [B<-if>] [B<-h>]
+
+B<fs seta> S<<< B<-d> <I<directory>>+ >>> S<<< B<-a> <I<access list entries>>+ >>>
     [B<-c>] [B<-n>] [B<-id>] [B<-if>] [B<-h>]
 
+=for html
+</div>
+
 =head1 DESCRIPTION
 
 The B<fs setacl> command adds the access control list (ACL) entries
@@ -230,7 +236,7 @@ with a new set.
       terry rl
 
    % fs setacl -clear -dir reports -acl pat all smith write system:anyuser rl
-   
+
    % fs listacl -dir reports
    Access list for reports is
    Normal rights:
@@ -257,8 +263,16 @@ and its F<public> subdirectory).
 =head1 PRIVILEGE REQUIRED
 
 The issuer must have the C<a> (administer) permission on the directory's
-ACL; the directory's owner and the members of the system:administrators
-group have the right implicitly, even if it does not appear on the ACL.
+ACL, a member of the system:administrators group, or, as a special case,
+must be the UID owner of the top-level directory of the volume containing
+this directory.  The last provision allows the UID owner of a volume to
+repair accidental ACL errors without requiring intervention by a member of
+system:administrators.
+
+Earlier versions of OpenAFS also extended implicit administer permission
+to the owner of any directory.  In current versions of OpenAFS, only the
+owner of the top-level directory of the volume has this special
+permission.
 
 =head1 SEE ALSO