From: "Jean-Pierre André" <jean-pierre.andre@wanadoo.fr>
To: "Eric W. Biederman" <ebiederm@xmission.com>,
Michael j Theall <mtheall@us.ibm.com>
Cc: fuse-devel@lists.sourceforge.net,
Seth Forshee <seth.forshee@canonical.com>,
linux-fsdevel@vger.kernel.org, Miklos Szeredi <miklos@szeredi.hu>
Subject: Re: [fuse-devel] [RFC] fuse: Support posix ACLs
Date: Thu, 30 Jun 2016 09:23:30 +0200 [thread overview]
Message-ID: <5774C8F2.5030802@wanadoo.fr> (raw)
In-Reply-To: <87vb0rhhpr.fsf@x220.int.ebiederm.org>
ebiederm@xmission.com (Eric W. Biederman) wrote:
> "Michael j Theall" <mtheall@us.ibm.com> writes:
>
>> Going by the patch I posted a couple of years ago:
>> https://sourceforge.net/p/fuse/mailman/message/33033653/
>>
>> The only hole I see in your patch is that in setattr() you are not
>> updating the cached acl if the ATTR_MODE is updated. The other major
>> difference is that my version uses the get_acl/set_acl inode
>> operations but you use that plus the xattr handlers. I'm not
>> up-to-speed on the kernel so I'm not sure if you actually need to
>> implement both.
>
> That makes an interesting question. Is it desirable to keep
> inode->i_mode in sync with the posix acls in fuse or should a filesystem
> that supports posix acls worry about that?
Using a former implementation of ACLs within fuse at the
kernel level, I got the result below.
File systems expect consistency.
# Using the low level interface of fuse, with use of ACLs
# intended to be checked in the kernel, but not related to
# access control
rm -rf trydir
mkdir trydir
echo file > trydir/file
ls -l trydir/file
setfacl -m 'u::7,g::5,o::5' trydir/file
ls -l trydir/file
sleep 1
ls -l trydir/file
-rw-r--r-- 1 root root 5 2009-09-12 12:02 trydir/file
-rw-r--r-- 1 root root 5 2009-09-12 12:02 trydir/file
-rwxr-xr-x 1 root root 5 2009-09-12 12:02 trydir/file
Jean-Pierre
next prev parent reply other threads:[~2016-06-30 7:23 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-06-29 19:07 [RFC] fuse: Support posix ACLs Seth Forshee
2016-06-29 19:24 ` Michael j Theall
[not found] ` <OFF8F0F486.DB2CEB73-ON86257FE1.006A1FF4-86257FE1.006A9703-8eTO7WVQ4XIsd+ienQ86orlN3bxYEBpz@public.gmane.org>
2016-06-29 19:52 ` Michael j Theall
2016-06-29 21:03 ` [fuse-devel] " Seth Forshee
2016-06-29 21:13 ` Michael j Theall
2016-06-29 20:18 ` [fuse-devel] " Eric W. Biederman
[not found] ` <87vb0rhhpr.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2016-06-29 20:35 ` Michael j Theall
2016-06-30 7:23 ` Jean-Pierre André [this message]
2016-06-30 13:07 ` [fuse-devel] " Seth Forshee
2016-06-30 16:25 ` Eric W. Biederman
2016-06-30 16:54 ` Seth Forshee
2016-07-01 19:37 ` Nikolaus Rath
2016-07-01 19:33 ` Nikolaus Rath
2016-07-01 19:49 ` Seth Forshee
2016-06-29 20:56 ` Seth Forshee
2016-06-30 7:13 ` Jean-Pierre André
2016-07-01 19:29 ` Nikolaus Rath
2016-07-01 19:58 ` Seth Forshee
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5774C8F2.5030802@wanadoo.fr \
--to=jean-pierre.andre@wanadoo.fr \
--cc=ebiederm@xmission.com \
--cc=fuse-devel@lists.sourceforge.net \
--cc=linux-fsdevel@vger.kernel.org \
--cc=miklos@szeredi.hu \
--cc=mtheall@us.ibm.com \
--cc=seth.forshee@canonical.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.