From: "Paul B. Henson" <henson@acm.org>
To: "J. Bruce Fields" <bfields@fieldses.org>
Cc: linux-nfs@vger.kernel.org
Subject: Re: nfs4-acl-tools 0.3.5
Date: Tue, 21 Aug 2018 18:18:49 -0700 [thread overview]
Message-ID: <d4649560-ad74-d119-13ba-876af9a4974e@acm.org> (raw)
In-Reply-To: <20180822003301.GA17500@fieldses.org>
On 8/21/2018 5:33 PM, J. Bruce Fields wrote:
> In the wire protocol there's no need for such constants. An ACE can
> have one of the special strings OWNER@, GROUP@, or EVERYONE@ in the
> owner field, and that's all you need.
Ah, so an NFSv4 client is supposed to figure out whether or not it's a
special ACE just by the who_string... That probably explains why I
didn't see the same issue using the nfs4-acl-tools on a Linux client
mounting an illumos ZFS share via NFS.
> The only use of those constants is probably internal to the ACL tools,
> so they don't have to agree with any standards.
Ok, I found the illumos NFSv4 server code where it converts the local
ZFS ACLs to/from xdr format, and you're right, those flags are not
included in the outbound mapping, it converts them to the special entry
strings, and it does string comparisons to determine whether or not to
add them for the inbound mapping.
However, in the nfs4-acl-tools code it seems to expect those bits off
the wire to decode and is willing to send them on the wire?
For example, in libnfs4acl/nfs4_get_ace_flags.c
if (flags & NFS4_ACE_OWNER)
*buf++ = FLAG_OWNER_AT;
If it sees that bit set in the flags, it adds 'O' to the string
representation, and correspondingly in libnfs4acl/nfs4_ace_from_string.c:
case FLAG_OWNER_AT:
flags |= NFS4_ACE_OWNER;
break;
If you include O in your ACL specification, it will add that flag and
include it when it sends it? The same for the NFS4_ACE_GROUP and
NFS4_ACE_EVERYONE flags.
I'm confused why the nfs4-acl-tools would need these local defines. On
the ZFS side, the on-disk ACL format doesn't include strings, just flags
and uids/gids, so the extra flag bits are presumably needed so it can
tell which entries are special. However, the tools presumably are only
intended to consume NFSv4 xdr, and generate it? So why did they need
these flags given that the NFSv4 xdr format doesn't include them?
Thanks for the input, much appreciated…
next prev parent reply other threads:[~2018-08-22 4:41 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-08-07 19:37 nfs4-acl-tools 0.3.4 J. Bruce Fields
2018-08-21 16:51 ` nfs4-acl-tools 0.3.5 J. Bruce Fields
2018-08-21 23:44 ` Paul B. Henson
2018-08-22 0:33 ` J. Bruce Fields
2018-08-22 1:18 ` Paul B. Henson [this message]
2018-08-22 15:12 ` J. Bruce Fields
2018-08-22 19:28 ` Paul B. Henson
2018-08-22 19:46 ` J. Bruce Fields
2018-08-23 1:11 ` Paul B. Henson
2018-08-23 14:38 ` J. Bruce Fields
2018-08-23 19:41 ` Paul B. Henson
2018-08-24 5:51 ` Christoph Hellwig
2018-08-23 19:41 ` Paul B. Henson
2018-08-23 20:57 ` J. Bruce Fields
2018-08-24 0:50 ` Paul B. Henson
2018-08-24 15:26 ` J. Bruce Fields
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d4649560-ad74-d119-13ba-876af9a4974e@acm.org \
--to=henson@acm.org \
--cc=bfields@fieldses.org \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).