diff --git a/h5pyd/_apps/hsacl.py b/h5pyd/_apps/hsacl.py
index 20800960..492d726d 100755
--- a/h5pyd/_apps/hsacl.py
+++ b/h5pyd/_apps/hsacl.py
@@ -235,7 +235,12 @@ def main():
                        'readACL': False,
                        'userName': 'default'
                        } 
-        update_names = usernames.copy()
+        # note: list.copy not supported in py2.7, copy by hand for now
+        # update_names = usernames.copy()
+        update_names = []
+        for username in usernames:
+            update_names.append(username)
+
         if not update_names:
             update_names.append("default")
          
diff --git a/test/test_file.py b/test/test_file.py
index d39d367d..11ae746b 100644
--- a/test/test_file.py
+++ b/test/test_file.py
@@ -212,7 +212,7 @@ def test_auth(self):
         # no explicit ACLs yet
         file_acls = f.getACLs()
         if is_hsds:
-            self.assertTrue(len(file_acls) >= 2)  # Should have at least the acls - "default" and test_user1
+            self.assertTrue(len(file_acls) >= 1)  # Should have at least the test_user1 acl
         else:
             self.assertEqual(len(file_acls), 0)