On Fri, 26 Feb 2010, Bill Sommerfeld wrote: > acl-chmod interactions have been mishandled so badly in the past that i > think a bit of experimentation with differing policies is in order.
I volunteer to help test discard and deny :). Heck, I volunteer to help *implement* discard and deny... > Based on the amount of wailing I see around acls, I think that, based on > personal experience with both systems, AFS had it more or less right and > POSIX got it more or less wrong -- once you step into the world of acls, > the file mode should be mostly ignored, and an accidental chmod should > *not* destroy carefully crafted acls. We prototyped an AFS deployment for a while (it was the closest thing to our existing DFS available). The location independence was great (I got spoiled under DFS with the ability to transparently migrate data between servers while in use), but the inability to apply an ACL to a file kind of sucked. I guess you could have every file be in its own individual subdirectory with the parent directory having a symlink to it to simulate per-file ACL's, but talk about kludgy. I'm actually much happier with our ZFS deployment (other than a couple of ongoing unresolved scalability issues and this acl issue). But I can't agree with you more that an undesired chmod should not destroy carefully crafted acls. Now if I could only get a ZFS engineer to share that viewpoint :). -- Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ Operating Systems and Network Analyst | hen...@csupomona.edu California State Polytechnic University | Pomona CA 91768 _______________________________________________ zfs-discuss mailing list zfs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
