From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp10.smtpout.orange.fr ([80.12.242.132]:59925 "EHLO smtp.smtpout.orange.fr" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753673AbcIUMeM (ORCPT ); Wed, 21 Sep 2016 08:34:12 -0400 Message-ID: <57E27C3F.5080608@wanadoo.fr> Date: Wed, 21 Sep 2016 14:25:35 +0200 From: =?UTF-8?Q?Jean-Pierre_Andr=c3=a9?= MIME-Version: 1.0 To: Miklos Szeredi , Seth Forshee CC: fuse-devel , linux-fsdevel@vger.kernel.org, "Eric W. Biederman" , Michael j Theall , Nikolaus Rath , Andreas Gruenbacher Subject: Re: [PATCH 0/2] Support for posix ACLs in fuse References: <1472478397-131967-1-git-send-email-seth.forshee@canonical.com> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Sender: linux-fsdevel-owner@vger.kernel.org List-ID: Hi, Miklos Szeredi wrote: > [Adding Andreas Gruenbacher to Cc] > > On Mon, Aug 29, 2016 at 3:46 PM, Seth Forshee > wrote: >> Hi Miklos, >> >> Here's an updated set of patches for supporting posix ACLs in fuse. I >> think I've incorporated all the feedback from the last RFC series, and >> so I've dropped the RFC this time. > > Pushed, with minor changes, to > > git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git#for-next > > Please verify that I didn't break it. > >> I also pushed to github the changes I made to libfuse for testing this. >> They're a little rough and probably not 100% complete, but it is >> sufficient for exercising the functionality of these patches with >> fusexmp. >> >> https://github.com/sforshee/libfuse/tree/posix-acl > > As for the libfuse part: > > 1) Please don't mess with fusexmp.c. The added code is really an > anti-example. Posix acls will will work fine in such pass-through > filesystems without doing anything. The added complexity just makes > it brittle and racy without actually doing anything positive. > > 2) You define some constants and structures (POSIX_ACL_*) in > fuse_common.h that don't seem to belong there. There's > that contains some parts of that, but I'm not sure how much we want to > tie libfuse to libacl... It's a difficult thing. Generally I'd try > to keep the interface as narrow as possible. Perhaps it's enough to > have a a function to return the equivalent mode from the xattr? > > 3) How will richacl's fit into this? > > 4) We really need a better example to check the efficiency of the new > interface, but that's hard because we need a "real" filesystem for > that and those are rare. Ntfs-3g is one such, and it would be > interesting to "port" it to using the new API. > > Jean-Pierre, how difficult would that be? The code for Posix ACLs support within the kernel is already present in ntfs-3g (just have to define the macro KERNELACLS in order to disable the checks within ntfs-3g and rely on the kernel ones). This however relies on assumptions I made a few years back, and might be invalid now. I will at least have to set some flag in the init callback. The ACLs are supposed to be set and retrieved through the extended attributes system.posix_acl_access and system.posix_acl_default. Recent posts about it in this list mention "xattr handlers", do they mean getxattr() and setxattr() on these extended attributes ? Also the sync with the file mode is done natively, as the ACLs and modes are translated to a single object (an NTFS ACL). There is no need for fuse to duplicate the mode to a ACL setting or conversely. Now the main problem for ntfs-3g is to migrate to libfuse3, still keeping the compatibility with non-Linux implementations (MacOSX, OpenIndiana, and others). I have not done anything about it yet. Does the Posix ACL in-kernel support require libfuse3 ? Finally, I am still using an old kernel, so I will have to setup a test environment... Jean-Pierre > > Thanks, > Miklos >