From: "J. Bruce Fields" <bfields@fieldses.org>
To: "McEvoy, James" <james.mcevoy@hp.com>
Cc: "linux-nfs@vger.kernel.org" <linux-nfs@vger.kernel.org>
Subject: Re: NFSv4.1 ACL reference implementation
Date: Wed, 30 Jul 2014 14:05:52 -0400 [thread overview]
Message-ID: <20140730180552.GI26316@fieldses.org> (raw)
In-Reply-To: <6301806E96421841896741228C6B1A2764A7DCF7@G4W3216.americas.hpqcorp.net>
On Wed, Jul 30, 2014 at 05:08:25PM +0000, McEvoy, James wrote:
> We are implementing NFSv4.1 ACLs in the filesystem mostly to support
> SMB/CIFS but I am seeing some strange behavior with ACL group
> inheritance on children/grand-children using the nfs4_setfacl and
> nfs4_getfacl on the parent directory. The problems are mostly with
> inheritance on the @OWNER and @GROUP ACEs...
The usual problem is that the umask is applied.
> What I am looking for is a reference that I can use to validate ACL
> inheritance behavior. Is there a distro that has a filesystem which supports
> NFSv4 ACLs? Or ideally an rpm that I could install on a CentOS6 VM.
> I have tried using the richacl mount option on OpenSUSE 13.1 but the
> nfs4_getfacl command returns:
> "Operation to request attribute not supported."
> The fstab entry to mount the filesystem is:
> /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0-part3 \
> /home ext4 acl,richacl,user_xattr 1 2
>
> Do you have any recommendations as to what and how I can install
> a filesystem that supports nfsv4 ACLs?
No, they all just do "posix" acls and nfsd tries to translate.
But the umask issue is somewhat of a separate issue.
--b.
>
> --jim
>
> > -----Original Message-----
> > From: linux-nfs-owner@vger.kernel.org [mailto:linux-nfs-
> > owner@vger.kernel.org] On Behalf Of J. Bruce Fields
> > Sent: Tuesday, July 29, 2014 2:09 PM
> > To: McEvoy, James
> > Cc: linux-nfs@vger.kernel.org
> > Subject: Re: NFSv4.1 ACL reference implementation
> >
> > On Tue, Jul 29, 2014 at 07:18:03PM +0000, McEvoy, James wrote:
> > > Is there a working NFSv4.1 reference implementation available and are there
> > any instructs on how to build/install it?
> >
> > I don't recall seeing any, no.
> >
> > (Most NFSv4.0 ACL implementations should still be perfectly compliant with the
> > NFSv4.1 spec too as far as I know. But I don't know of any implementations of
> > the ACL features that are new to RFC 5661. Is there any particular feature that
> > you're interested in?)
> >
> > --b.
> > --
> > To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of
> > a message to majordomo@vger.kernel.org More majordomo info at
> > http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2014-07-30 18:05 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-07-29 19:18 NFSv4.1 ACL reference implementation McEvoy, James
2014-07-29 21:09 ` J. Bruce Fields
2014-07-30 17:08 ` McEvoy, James
2014-07-30 18:05 ` J. Bruce Fields [this message]
2014-07-30 18:15 ` McEvoy, James
2014-07-30 18:21 ` J. Bruce Fields
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140730180552.GI26316@fieldses.org \
--to=bfields@fieldses.org \
--cc=james.mcevoy@hp.com \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).