From: "Aneesh Kumar K. V" <aneesh.kumar@linux.vnet.ibm.com>
To: "J. Bruce Fields" <bfields@citi.umich.edu>
Cc: sfrench@us.ibm.com, ffilz@us.ibm.com, agruen@suse.de,
adilger@sun.com, sandeen@redhat.com, tytso@mit.edu,
staubach@redhat.com, jlayton@redhat.com,
linux-fsdevel@vger.kernel.org, nfsv4@linux-nfs.org,
linux-ext4@vger.kernel.org
Subject: Re: [PATCH 07/23] vfs: Add Posix acl to rich acl mapping helpers
Date: Tue, 02 Feb 2010 10:52:53 +0530 [thread overview]
Message-ID: <87wryw43f6.fsf@linux.vnet.ibm.com> (raw)
In-Reply-To: <20100201231816.GQ19418@fieldses.org>
On Mon, 1 Feb 2010 18:18:16 -0500, "J. Bruce Fields" <bfields@citi.umich.edu> wrote:
> On Mon, Feb 01, 2010 at 11:04:49AM +0530, Aneesh Kumar K.V wrote:
> > This patch add helpers that can be used by the file system to map
> > posix acls to rich acl format. This enables the file system to
> > return rich acl mapping the posix acls stored on disk when the
>
> You mean, to return a rich acl which is a mapped version of the posix
> acl stored on disk?
Yes
>
> > file system is enabled with rich acl format.
>
> Then I assume if you modified the acl, the filesystem would replace
> the existing posix acl by a "rich acl"?
>
Yes
> The idea being to allow you to convert an existing posix-acl-using
> filesystem to rich acl's? (But not the reverse.)
>
Exactly.
For ex:
/mnt# touch a
/mnt# getfacl a
# file: a
# owner: root
# group: root
user::rw-
group::r--
other::r--
/mnt# setfacl -m u:guest:rw a
/mnt# getfacl a
# file: a
# owner: root
# group: root
user::rw-
user:guest:rw-
group::r--
mask::rw-
other::r--
# umount /mnt/
# tune2fs -O richacl /dev/vdc
# mount /dev/vdc /mnt -o acl
# cd /mnt/
/mnt# getfacl a
# file: a
# acl format: richacl
# owner: root
# group: root
flags:pP <----- 'P' indicate Posix mapped
owner@:---------x-T--M--s::deny
owner@:-r-w-a-----T--M--s::allow
guest:---------x-T--M--s::deny
guest:-r-w-a-----T--M--s::allow
group@:-r---------T--M--s::allow
group@:---w-a---x-T--M--s::deny
everyone@:-r---------T--M--s::allow
/mnt# setrichacl --modify guest:r::allow a
/mnt# getfacl a
# file: a
# acl format: richacl
# owner: root
# group: root
flags:p <---- Posix mapped flag is dropped
owner@:---------x-T--M--s::deny
owner@:-r-w-a------------::allow
guest:---------x-T--M--s::deny
guest:-r----------------::allow
group@:-r---------T--M--s::allow
group@:---w-a---x-T--M--s::deny
everyone@:-r---------T--M--s::allow
next prev parent reply other threads:[~2010-02-02 5:23 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-02-01 5:34 [RFC PATCH] New ACL format for better NFSv4 acl interoperability Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 01/23] vfs: VFS hooks for per-filesystem permission models Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 02/23] vfs: Check for create permission during rename Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 03/23] vfs: rich ACL in-memory representation and manipulation Aneesh Kumar K.V
2010-02-01 7:28 ` Brad Boyer
2010-02-01 18:02 ` Aneesh Kumar K. V
2010-02-01 23:06 ` J. Bruce Fields
2010-02-01 23:21 ` J. Bruce Fields
2010-02-01 5:34 ` [PATCH 04/23] richacl: Add write retention and retention hold access mask Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 05/23] ext4: Implement rich acl for ext4 Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 06/23] vfs: Implement those parts of Automatic Inheritance (AI) which are safe under POSIX Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 07/23] vfs: Add Posix acl to rich acl mapping helpers Aneesh Kumar K.V
2010-02-01 23:18 ` J. Bruce Fields
2010-02-02 5:22 ` Aneesh Kumar K. V [this message]
2010-02-01 5:34 ` [PATCH 08/23] vfs: Add a flag to denote posix mapped richacl Aneesh Kumar K.V
2010-02-01 23:18 ` J. Bruce Fields
2010-02-02 5:33 ` Aneesh Kumar K. V
2010-02-02 15:18 ` J. Bruce Fields
2010-02-02 15:18 ` J. Bruce Fields
2010-02-01 5:34 ` [PATCH 09/23] ext4: Add posix acl to rich acl mapping Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 10/23] richacl: Add separate file and dir acl masks Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 11/23] richacl: Move the xattr representation to little-endian format Aneesh Kumar K.V
2010-02-01 23:34 ` J. Bruce Fields
2010-02-02 5:35 ` Aneesh Kumar K. V
2010-02-01 5:34 ` [PATCH 12/23] richacl: Use directory specific mask values for operation on directories Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 13/23] richacl: Follow nfs4 acl delete definition Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 14/23] richacl: Disable automatic inheritance with posix mapped acls Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 15/23] richacl: Delete posix acl if present on richacl set Aneesh Kumar K.V
2010-02-01 5:34 ` [PATCH 16/23] ext4: Update richacl incompat flag value Aneesh Kumar K.V
2010-02-01 23:41 ` J. Bruce Fields
2010-02-01 5:34 ` [PATCH 17/23] vfs: Add new MS_ACL and MS_RICHACL flag Aneesh Kumar K.V
2010-02-01 5:35 ` [PATCH 18/23] richacl: Add helper function for creating richacl from mode values Aneesh Kumar K.V
2010-02-01 5:35 ` [PATCH 19/23] fs: Use the correct MS_*ACL flags in file system code Aneesh Kumar K.V
2010-02-01 5:35 ` [PATCH 20/23] nfsd: Apply NFSv4acl to posix acl mapping only if MS_POSIXACL is set Aneesh Kumar K.V
2010-02-01 5:35 ` [PATCH 21/23] richacl: Add helpers for NFSv4 acl to richacl conversion Aneesh Kumar K.V
2010-02-01 5:35 ` [PATCH 22/23] nfsd: Add support for reading rich acl from file system Aneesh Kumar K.V
2010-02-01 5:35 ` [PATCH 23/23] nfsd: Add support for saving richacl Aneesh Kumar K.V
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87wryw43f6.fsf@linux.vnet.ibm.com \
--to=aneesh.kumar@linux.vnet.ibm.com \
--cc=adilger@sun.com \
--cc=agruen@suse.de \
--cc=bfields@citi.umich.edu \
--cc=ffilz@us.ibm.com \
--cc=jlayton@redhat.com \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=nfsv4@linux-nfs.org \
--cc=sandeen@redhat.com \
--cc=sfrench@us.ibm.com \
--cc=staubach@redhat.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.