Re: NFSv4 ACLs (was: ...ACL's and reiser...)

From: Albert D. Cahalan (acahalan@cs.uml.edu)
Date: Thu Jul 27 2000 - 23:29:33 EST


Jesse Pollard writes:
> [Albert D. Cahalan]
>> Jesse Pollard writes:
>>> "Albert D. Cahalan" <acahalan@cs.uml.edu>:
>>>> Michael Gerdts writes:
>>
>>>>> When implementing ACL's please read over section 5.9 of the NFSv4 draft.
>>>>> http://www.ietf.org/internet-drafts/draft-ietf-nfsv4-07.txt

>>>> Wow, that is almost pure NT 4.0, with 4 of 7 authors being from Sun!
>>>> The only difference is that the 17 access mask bits are all specific;
>>>> there is no concept of mapping generic bits to object-specific bits.
>>>> The inheritance, types, and scanning algorithm are all from NT.
>>>>
>>>> This is a good system; it can handle Coda and Netware fairly well.
>>>>
>>>> Well, there you go. Windows NT features are required for UNIX now.

>> NFSv4 ACLs are not just rwx permissions. Instead of those 3 bits,
>> you get 17 bits. Here they are:
>
> (UNICOS permissions weren't just rwx - those were the most frequently
> used permissions though)
>
>> READ_DATA read the data of the file
>> LIST_DIRECTORY list the contents of a directory
>> WRITE_DATA modify the file's data
>> ADD_FILE add a new file to a directory
>> APPEND_DATA append data to a file
>> ADD_SUBDIRECTORY create a subdirectory to a directory
>> READ_NAMED_ATTRS read the named attributes of a file
>> WRITE_NAMED_ATTRS write the named attributes of a file
>> EXECUTE execute a file
>> DELETE_CHILD delete a file or directory within a directory
>> READ_ATTRIBUTES read basic attributes (non-acls) of a file
>> WRITE_ATTRIBUTES change basic attributes (non-acls) of a file
>> DELETE Delete the file
>> READ_ACL Read the ACL
>> WRITE_ACL Write the ACL
>> WRITE_OWNER change the owner
>> SYNCHRONIZE access file locally at the server with sync read/write
>>
>> Where do you think SYNCHRONIZE and WRITE_OWNER come from? NFSv4 also
>> has inherit-once ability, under the ACE4_NO_PROPAGATE_INHERIT_ACE name.
>> NFSv4 even has 10 well-known identifiers and audit ACEs.
>
> synchronize from the sync system call, write_owner from the chown system
> call - which, by the way, is a resource control problem and has to be/should
> be disabled on most systems (especially those with quota limits). Several
> others trace all the way back to Multics.

It is NT that made these into permission bits.

NT lets you chown() a file to yourself (only to yourself) if the
file's ACL grants you this right. Nobody can chown() a file to
somebody else, but any file owner can grant the "take ownership"
right to somebody else. People with WRITE_ACL can grant themselves
this right too.

WRITE_ACL sure isn't UNIX-like. Neither is DELETE, which lets you
bypass directory write permission to delete a specified file.
NT has both of these.

> Most of these are POSIX ACLs.

The withdrawn POSIX draft only has rwx permissions. I have draft 17.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Mon Jul 31 2000 - 21:00:26 EST