From: "Jean-Pierre André" <jean-pierre.andre@wanadoo.fr>
To: "Eric W. Biederman" <ebiederm@xmission.com>,
Michael j Theall <mtheall@us.ibm.com>
Cc: fuse-devel@lists.sourceforge.net,
Seth Forshee <seth.forshee@canonical.com>,
linux-fsdevel@vger.kernel.org, Miklos Szeredi <miklos@szeredi.hu>
Subject: Re: [fuse-devel] [RFC] fuse: Support posix ACLs
Date: Thu, 30 Jun 2016 09:23:30 +0200 [thread overview]
Message-ID: <5774C8F2.5030802@wanadoo.fr> (raw)
In-Reply-To: <87vb0rhhpr.fsf@x220.int.ebiederm.org>
ebiederm@xmission.com (Eric W. Biederman) wrote:
> "Michael j Theall" <mtheall@us.ibm.com> writes:
>
>> Going by the patch I posted a couple of years ago:
>> https://sourceforge.net/p/fuse/mailman/message/33033653/
>>
>> The only hole I see in your patch is that in setattr() you are not
>> updating the cached acl if the ATTR_MODE is updated. The other major
>> difference is that my version uses the get_acl/set_acl inode
>> operations but you use that plus the xattr handlers. I'm not
>> up-to-speed on the kernel so I'm not sure if you actually need to
>> implement both.
>
> That makes an interesting question. Is it desirable to keep
> inode->i_mode in sync with the posix acls in fuse or should a filesystem
> that supports posix acls worry about that?
Using a former implementation of ACLs within fuse at the
kernel level, I got the result below.
File systems expect consistency.
# Using the low level interface of fuse, with use of ACLs
# intended to be checked in the kernel, but not related to
# access control
rm -rf trydir
mkdir trydir
echo file > trydir/file
ls -l trydir/file
setfacl -m 'u::7,g::5,o::5' trydir/file
ls -l trydir/file
sleep 1
ls -l trydir/file
-rw-r--r-- 1 root root 5 2009-09-12 12:02 trydir/file
-rw-r--r-- 1 root root 5 2009-09-12 12:02 trydir/file
-rwxr-xr-x 1 root root 5 2009-09-12 12:02 trydir/file
Jean-Pierre
next prev parent reply other threads:[~2016-06-30 7:23 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-06-29 19:07 [RFC] fuse: Support posix ACLs Seth Forshee
2016-06-29 19:24 ` Michael j Theall
[not found] ` <OFF8F0F486.DB2CEB73-ON86257FE1.006A1FF4-86257FE1.006A9703-8eTO7WVQ4XIsd+ienQ86orlN3bxYEBpz@public.gmane.org>
2016-06-29 19:52 ` Michael j Theall
2016-06-29 21:03 ` [fuse-devel] " Seth Forshee
2016-06-29 21:13 ` Michael j Theall
2016-06-29 20:18 ` [fuse-devel] " Eric W. Biederman
[not found] ` <87vb0rhhpr.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2016-06-29 20:35 ` Michael j Theall
2016-06-30 7:23 ` Jean-Pierre André [this message]
2016-06-30 13:07 ` [fuse-devel] " Seth Forshee
2016-06-30 16:25 ` Eric W. Biederman
2016-06-30 16:54 ` Seth Forshee
2016-07-01 19:37 ` Nikolaus Rath
2016-07-01 19:33 ` Nikolaus Rath
2016-07-01 19:49 ` Seth Forshee
2016-06-29 20:56 ` Seth Forshee
2016-06-30 7:13 ` Jean-Pierre André
2016-07-01 19:29 ` Nikolaus Rath
2016-07-01 19:58 ` Seth Forshee
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5774C8F2.5030802@wanadoo.fr \
--to=jean-pierre.andre@wanadoo.fr \
--cc=ebiederm@xmission.com \
--cc=fuse-devel@lists.sourceforge.net \
--cc=linux-fsdevel@vger.kernel.org \
--cc=miklos@szeredi.hu \
--cc=mtheall@us.ibm.com \
--cc=seth.forshee@canonical.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).