From: Nico Schottelius <nico-kernel@schottelius.org>
To: LKML <linux-kernel@vger.kernel.org>
Cc: Daniel Aubry <kernel-acl@spam.kicks-ass.net>
Subject: ACL Problem
Date: Fri, 2 Dec 2005 17:40:47 +0100 [thread overview]
Message-ID: <20051202164047.GN32690@schottelius.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 6460 bytes --]
Hello!
I've problems settings ACLs on differnt hosts:
- ext3 does not work anywhere, error as in not supported ACLs
- reiserfs does not work either (does in support acls anyway?)
- jfs with ACLs works fine, jfs without ACLs behaves correctly not beeing able to
set them
- On xfs it works everwhere
Here's the output of those machines:
-----------------------------Host1: srsyg01-------------------------------------
srsyg01:/home/server/git# setfacl -R -m g:lw1:rwx walderlift-db-verifizieren.git/description
setfacl: walderlift-db-verifizieren.git/description: Operation not supported
srsyg01:/home/server/git# uname -a
Linux srsyg01 2.6.12xenU #7 Sun Nov 6 13:54:56 CET 2005 i686 GNU/Linux
srsyg01:/home/server/git# zcat /proc/config.gz | grep ACL
CONFIG_EXT2_FS_POSIX_ACL=y
CONFIG_EXT3_FS_POSIX_ACL=y
CONFIG_FS_POSIX_ACL=y
srsyg01:/home/server/git# mount | grep /home
/dev/sdb1 on /home type ext3 (rw)
srsyg01:/home/server/git# setfacl --version
setfacl 2.2.32
-----------------------------Host1: srsyg01 (End)-------------------------------
-----------------------------Host2: bruehe -------------------------------------
bruehe2# setfacl -m d:m:rwx woech
setfacl: woech: Operation not supported
bruehe2# zcat /proc/config.gz | grep ACL
CONFIG_RSBAC_ACL=y
# ACL Policy Options
# CONFIG_RSBAC_ACL_SUPER_FILTER is not set
CONFIG_RSBAC_ACL_AUTH_PROT=y
CONFIG_RSBAC_ACL_UM_PROT=y
CONFIG_RSBAC_ACL_GEN_PROT=y
# CONFIG_RSBAC_ACL_BACKUP is not set
# CONFIG_RSBAC_ACL_LEARN is not set
CONFIG_RSBAC_ACL_NET_DEV_PROT=y
CONFIG_RSBAC_ACL_NET_OBJ_PROT=y
# CONFIG_RSBAC_SWITCH_ACL is not set
CONFIG_EXT2_FS_POSIX_ACL=y
CONFIG_EXT3_FS_POSIX_ACL=y
CONFIG_JFS_POSIX_ACL=y
CONFIG_FS_POSIX_ACL=y
CONFIG_XFS_POSIX_ACL=y
bruehe2# mount | head -n1
/dev/md0 on / type ext3 (rw)
[17:37] bruehe2:~% setfacl --version
setfacl 2.2.32
-----------------------------Host2: bruehe (END) -------------------------------
-----------------------------Host3: idoru -------------------------------------
cs2-dev-01:/www/idoru.baselbiet.ch# setfacl -m d:m:rwx .
setfacl: .: Operation not supported
cs2-dev-01:/www/idoru.baselbiet.ch# mount | grep /var
/dev/mapper/vg01-var on /var type ext3 (rw)
cs2-dev-01:/www/idoru.baselbiet.ch# zcat /proc/config.gz | grep ACL
CONFIG_EXT2_FS_POSIX_ACL=y
CONFIG_EXT3_FS_POSIX_ACL=y
CONFIG_FS_POSIX_ACL=y
CONFIG_XFS_POSIX_ACL=y
# CONFIG_NFS_V3_ACL is not set
# CONFIG_NFSD_V3_ACL is not set
cs2-dev-01:/www/idoru.baselbiet.ch# setfacl --version
setfacl 2.2.32
-----------------------------Host3: idoru (END) ---------------------------------
-----------------------------Host4: hydrogenium --------------------------------
# Test on XFS
[17:17] hydrogenium:~# mount
rootfs on / type rootfs (rw)
/dev/root on / type xfs (rw)
tmpfs on /etc/cinit/tmp type tmpfs (rw)
udev on /dev type tmpfs (rw)
sysfs on /sys type sysfs (rw)
proc on /proc type proc (rw,nodiratime)
/dev/mapper/home on /home type jfs (rw,integrity)
devpts on /dev/pts type devpts (rw)
[17:18] hydrogenium:~# mkdir /tmp/test
[17:19] hydrogenium:~# setfacl -m d:u:nico:rwx /tmp/test
[17:19] hydrogenium:~# setfacl -m u:root:rx /tmp/test
[17:20] hydrogenium:~# setfacl -m d:m:rwx /tmp/test
# Now test on JFS
[17:22] hydrogenium:~nico# cd ~nico
[17:22] hydrogenium:~nico# mkdir acl-test
[17:22] hydrogenium:~nico# setfacl -m d:u:nico:rwx acl-test
setfacl: acl-test: Operation not supported
[17:23] hydrogenium:~nico# uname -a
Linux hydrogenium 2.6.14 #2 PREEMPT Wed Nov 16 11:41:40 CET 2005 i686 GNU/Linux
[17:25] hydrogenium:~nico# cd /usr/src/linux
[17:25] hydrogenium:linux# grep ACL .config
CONFIG_EXT2_FS_POSIX_ACL=y
CONFIG_EXT3_FS_POSIX_ACL=y
# CONFIG_JFS_POSIX_ACL is not set
CONFIG_FS_POSIX_ACL=y
CONFIG_XFS_POSIX_ACL=y
CONFIG_NFS_V3_ACL=y
CONFIG_NFSD_V2_ACL=y
CONFIG_NFSD_V3_ACL=y
CONFIG_NFS_ACL_SUPPORT=m
[17:35] hydrogenium:~% setfacl --version
setfacl 2.2.32
-----------------------------Host4: hydrogenium (END)---------------------------
-----------------------------Host5: eiche --------------------------------------
[17:30] eiche:~# zcat /proc/config.gz| grep ACL
CONFIG_RSBAC_ACL=y
# ACL Policy Options
# CONFIG_RSBAC_ACL_SUPER_FILTER is not set
CONFIG_RSBAC_ACL_AUTH_PROT=y
CONFIG_RSBAC_ACL_UM_PROT=y
CONFIG_RSBAC_ACL_GEN_PROT=y
# CONFIG_RSBAC_ACL_BACKUP is not set
# CONFIG_RSBAC_ACL_LEARN is not set
CONFIG_RSBAC_ACL_NET_DEV_PROT=y
CONFIG_RSBAC_ACL_NET_OBJ_PROT=y
# CONFIG_RSBAC_SWITCH_ACL is not set
CONFIG_EXT2_FS_POSIX_ACL=y
CONFIG_EXT3_FS_POSIX_ACL=y
CONFIG_JFS_POSIX_ACL=y
CONFIG_FS_POSIX_ACL=y
CONFIG_XFS_POSIX_ACL=y
# CONFIG_NFS_V3_ACL is not set
# CONFIG_NFSD_V3_ACL is not set
[17:30] eiche:~# mount
rootfs on / type rootfs (rw)
/dev/root on / type xfs (rw)
proc on /proc type proc (rw,nodiratime)
sysfs on /sys type sysfs (rw)
usbfs on /proc/bus/usb type usbfs (rw)
/dev/root on /dev/.static/dev type xfs (rw)
tmpfs on /dev type tmpfs (rw)
/dev/hda1 on /mnt/archiv type xfs (rw)
/dev/hdi on /mnt/backup type reiserfs (rw)
/dev/hdh on /mnt/datenklo type xfs (rw)
devpts on /dev/pts type devpts (rw)
tmpfs on /dev/shm type tmpfs (rw)
/dev/mapper/nirvana on /mnt/datennirvana type jfs (rw)
/dev/mapper/schwarzes-loch on /mnt/schwarzesloch type ext3 (rw)
# Test on XFS
[17:30] eiche:~# cd /
[17:31] eiche:/# mkdir acl-test
[17:31] eiche:/# setfacl -m d:m:rwx acl-test
# Successfull
# Test on reiserfs:
[17:32] eiche:archiv# cd /mnt/backup
[17:32] eiche:backup# mkdir acl-test
[17:32] eiche:backup# setfacl -m d:m:rwx acl-test
setfacl: acl-test: Operation not supported
# fails
# Test on jfs
[17:33] eiche:datennirvana# mkdir acl-test
[17:33] eiche:datennirvana# setfacl -m d:m:rwx acl-test
# successfull
# Test on ext3 again
[17:34] eiche:schwarzesloch# mkdir acl-test
[17:34] eiche:schwarzesloch# setfacl -m d:m:rwx acl-test
setfacl: acl-test: Operation not supported
# fails
[17:34] eiche:schwarzesloch# uname -a
Linux eiche 2.6.13.2-rsbac-eiche-rsbac #1 Mon Oct 3 11:48:43 CEST 2005 i686 GNU/Linux
[17:35] eiche:schwarzesloch# setfacl --version
setfacl 2.2.29
-----------------------------Host5: eiche (END) --------------------------------
What am I doing wrong?
Is there a special tool for ext3?
Nico
--
Latest project: cinit-0.2.1 (http://linux.schottelius.org/cinit/)
Open Source nutures open minds and free, creative developers.
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 827 bytes --]
next reply other threads:[~2005-12-02 16:41 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-12-02 16:40 Nico Schottelius [this message]
2005-12-02 16:59 ` ACL Problem J. Bruce Fields
2005-12-02 17:34 ` Paul Rolland
2005-12-02 17:42 ` J. Bruce Fields
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20051202164047.GN32690@schottelius.org \
--to=nico-kernel@schottelius.org \
--cc=kernel-acl@spam.kicks-ass.net \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.