Re: [Lsf-pc] [LSF/MM ATTEND] Richacls

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "J. Bruce Fields" <bfields@fieldses.org>
To: Jeff Layton <jeff.layton@primarydata.com>
Cc: Andreas Gruenbacher <agruenba@redhat.com>,
	Jan Kara <jack@suse.cz>,
	linux-fsdevel@vger.kernel.org, lsf-pc@lists.linux-foundation.org,
	Jeremy Allison <jra@samba.org>
Subject: Re: [Lsf-pc] [LSF/MM ATTEND] Richacls
Date: Wed, 14 Jan 2015 11:11:24 -0500	[thread overview]
Message-ID: <20150114161123.GA1375@fieldses.org> (raw)
In-Reply-To: <20150114070135.3e12143c@tlielax.poochiereds.net>

On Wed, Jan 14, 2015 at 07:01:35AM -0500, Jeff Layton wrote:
> On Wed, 14 Jan 2015 09:53:10 +0100
> Andreas Gruenbacher <agruenba@redhat.com> wrote:
> > I really don't think that changing the existing POSIX ACL behavior is an 
> > option here, or that representing POSIX ACLs as richacls internally 
> > makes a lot of sense. We'll be much better off having both models side 
> > by side.

OK, fair enough, it may not be worth the trouble.

> > 
> > Converting existing POSIX ACLs into richacls, for example for converting 
> > an entire file system, possibly offline, is relatively simple and 
> > straight forward -- and will be needed -- with the caveat that 
> > permissions will then start to accumulate.

Please don't say it that way or people are going to think we're not
handling cases like mode 026--we should definitely insert DENYs as as
necessary.  So the only inaccuracy is that weird corner case with group
ACEs.  Which is worth a footnote, sure, but that's all.

--b.

> > Converting richacls into POSIX ACLs may occasionally be needed when 
> > migrating something back as well, but this operation is lossy in 
> > general, likely slow, there could be different policies like failing or 
> > dropping permissions when something cannot be represented exactly. By 
> > representing POSIX ACLs as richacls internally, that more complicated 
> > conversion would be needed all the time, even in the kernel, though.
> > 
> 
> FWIW, at the last LSF we had a discussion around richacls and Aneesh
> was present. The tentative decision at that time was that filesystems
> should store _either_ richacls or posix acls, and that decision should
> be made at fs creation time.
> 
> If you need to convert to the other scheme, then the understanding was
> that you'd either recreate the filesystem, or potentially do some sort
> of in-place conversion with a specialized tool.
> 
> I think aiming for that sort of scheme makes the most sense as it
> covers the vast majority of use-cases and keeps undue complexity out of
> the kernel.
> 
> -- 
> Jeff Layton <jlayton@primarydata.com>

next prev parent reply	other threads:[~2015-01-14 16:11 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <1626890778.1513173.1421087867777.JavaMail.zimbra@redhat.com>
2015-01-12 21:06 ` [LSF/MM ATTEND] Richacls Andreas Gruenbacher
2015-01-12 21:54   ` Jeremy Allison
2015-01-12 22:30   ` J. Bruce Fields
2015-01-13 10:14     ` [Lsf-pc] " Jan Kara
2015-01-13 15:07       ` Andreas Gruenbacher
2015-01-13 16:48         ` Jeremy Allison
2015-01-13 17:23           ` Andreas Gruenbacher
2015-01-13 17:29             ` Jeremy Allison
2015-01-13 17:40             ` J. Bruce Fields
2015-01-13 18:04               ` Jeremy Allison
2015-01-13 19:53                 ` Frank Filz
2015-01-13 20:24                   ` 'J. Bruce Fields'
2015-01-13 20:26                   ` Jeremy Allison
2015-01-13 20:30                     ` Jeremy Allison
2015-01-13 20:35                       ` Frank Filz
2015-01-14  7:57                   ` Andreas Gruenbacher
2015-01-13 21:04               ` Jan Kara
2015-01-13 21:16                 ` J. Bruce Fields
2015-01-13 21:20                   ` Jeremy Allison
2015-01-13 21:27                     ` Frank Filz
2015-01-13 21:31                   ` Jan Kara
2015-01-14  8:53                     ` Andreas Gruenbacher
2015-01-14 12:01                       ` Jeff Layton
2015-01-14 16:11                         ` J. Bruce Fields [this message]
2015-01-14 17:21                           ` Frank Filz
2015-01-23  5:31   ` Steve French

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20150114161123.GA1375@fieldses.org \
    --to=bfields@fieldses.org \
    --cc=agruenba@redhat.com \
    --cc=jack@suse.cz \
    --cc=jeff.layton@primarydata.com \
    --cc=jra@samba.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=lsf-pc@lists.linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.