Greetings,
I was played with acl and specially default acl for directories at my
FreeBSD-CURRENT machine with UFS2 filesystem and some questions appears
to me:
1. How about default acl permission to override umask?
Is that the idea who isn't yet implemented or you have opinions against that.
2. What are reasons to update ACL_MASK entry (if exist) or ACL_GROUP_OBJ
entry (if mask doesn't exist) but not both in ufs_sync_acl_from_inode()?
It's true that reverse function ufs_sync_inode_from_acl() uses the same
logic but take a look at follow situation:
root@earth:foodir# setfacl -dm u::rwx,g::rwx,o::rx ./
root@earth:foodir# getfacl -d ./
#file:./
#owner:0
#group:0
user::rwx
group::rwx
mask::rwx
other::r-x
root@earth:foodir# touch foo
root@earth:foodir# ll
total 4
drwxr-xr-x+ 2 root wheel - 512 Nov 23 13:22 .
drwxr-xr-x 3 root wheel - 512 Nov 23 13:21 ..
-rw-r--r--+ 1 root wheel - 0 Nov 23 13:22 foo
root@earth:foodir# getfacl foo
#file:foo
#owner:0
#group:0
user::rw-
group::rwx # effective: r--
mask::r--
other::r--
Here acl entries are not in sync with inode permissions, because as I said
only mask entry is updated and group is discarded. But if we try this:
root@earth:foodir# setfacl -m u:nobody:r foo
root@earth:foodir# getfacl foo
#file:foo
#owner:0
#group:0
user::rw-
user:nobody:r--
group::rwx
mask::rwx
other::r--
root@earth:foodir# ll
total 4
drwxr-xr-x+ 2 root wheel - 512 Nov 23 13:22 .
drwxr-xr-x 3 root wheel - 512 Nov 23 13:21 ..
-rw-rwxr--+ 1 root wheel - 0 Nov 23 13:25 foo
Now we have both acl and inode permissions in sync because setfacl call
acl_calc_mask().
P.S.
Please CC to me, I'm not subscribe to list (because I'm not a kernel hacker:)
--
Regards,
D. Penev
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
- Re: default acl for directory Dancho Penev
- Re: default acl for directory Robert Watson
