Re: [Lsf-pc] [LSF/MM ATTEND] Richacls

[Jan Kara <jack@suse.cz>]

On Mon 12-01-15 17:30:16, J. Bruce Fields wrote:
> On Mon, Jan 12, 2015 at 04:06:44PM -0500, Andreas Gruenbacher wrote:
> > I would like to discuss the status and next steps for completing
> > richacl support (http://en.wikipedia.org/wiki/Richacls) in
> > the vfs, local file systems, nfs, cifs.
> > 
> > Right now, we don't have kernel support for a file permission
> > model powerful enough to support both POSIX permissions and
> > NFSv4 / CIFS access control lists at the same time.  As a result,
> > support for the NFSv4 and CIFS permission models is very limited,
> > and permission wise, Linux is neither a very good client nor
> > server to other systems.  For example, the permission to only
> > append to a file or to take ownership of a file cannot be
> > represented.  When files are copied across systems, file
> > permissions change or are lost.  This should be improved.
> > 
> > I've started working on this a long time ago but didn't have
> > enough time to complete it.  More recently, Aneesh Kumar has
> > spent time on this topic (http://lwn.net/Articles/596517/) but
> > eventually also stopped working on it.  Things have improved on
> > my side and I'll be able to work on this again now, though.
> 
> This has been stalled a while and it will be good to see it unstuck.
> 
> Don't know if if it needs time on the official schedule but I'd look
> forward to discussing it in the hallway....
  As far as I remember (and I'm sorry if I'm too explicit here) the main
issue is to find a way of implementing the features necessary for RichACLs
in a way acceptable for Al and Christoph Hellwig. I specifically remember
Christoph having strong opinions on the rich ACL features as such. I don't
remember the details but the first step is IMO that someone who understands
the needs of NFS and Samba talks to them about what would be an acceptable
extension of the permission model we have.

								Honza
-- 
Jan Kara <jack@suse.cz>
SUSE Labs, CR