RE: [nfsv4] Re: NFSv4 ACL and POSIX interaction / mask, draft-ietf-nfsv4-acls-00 not ready
"Noveck, Dave" <Dave.Noveck@netapp.com> Sun, 16 July 2006 13:11 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1G26Ok-0001uq-IK; Sun, 16 Jul 2006 09:11:02 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1G26Ok-0001ul-4O for nfsv4@ietf.org; Sun, 16 Jul 2006 09:11:02 -0400
Received: from mx2.netapp.com ([216.240.18.37]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1G26Oi-0002zc-Qa for nfsv4@ietf.org; Sun, 16 Jul 2006 09:11:02 -0400
Received: from smtp2.corp.netapp.com ([10.57.159.114]) by mx2.netapp.com with ESMTP; 16 Jul 2006 06:11:00 -0700
X-IronPort-AV: i="4.06,247,1149490800"; d="scan'208"; a="393332618:sNHT21563760"
Received: from svlexc03.hq.netapp.com (svlexc03.corp.netapp.com [10.57.156.149]) by smtp2.corp.netapp.com (8.13.1/8.13.1/NTAP-1.6) with ESMTP id k6GDAleC022642; Sun, 16 Jul 2006 06:10:47 -0700 (PDT)
Received: from exsvlrb01.hq.netapp.com ([10.56.8.62]) by svlexc03.hq.netapp.com with Microsoft SMTPSVC(6.0.3790.0); Sun, 16 Jul 2006 06:10:46 -0700
Received: from exnane01.hq.netapp.com ([10.97.0.61]) by exsvlrb01.hq.netapp.com with Microsoft SMTPSVC(6.0.3790.1830); Sun, 16 Jul 2006 06:10:45 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [nfsv4] Re: NFSv4 ACL and POSIX interaction / mask, draft-ietf-nfsv4-acls-00 not ready
Date: Sun, 16 Jul 2006 09:10:43 -0400
Message-ID: <C98692FD98048C41885E0B0FACD9DFB8029EFB06@exnane01.hq.netapp.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [nfsv4] Re: NFSv4 ACL and POSIX interaction / mask, draft-ietf-nfsv4-acls-00 not ready
Thread-Index: AcaoFoXLO1mBXLrVTvOnjxgaYifklgAwlXXg
From: "Noveck, Dave" <Dave.Noveck@netapp.com>
To: Sam Falkner <Sam.Falkner@Sun.COM>, "J. Bruce Fields" <bfields@fieldses.org>
X-OriginalArrivalTime: 16 Jul 2006 13:10:46.0242 (UTC) FILETIME=[400A3C20:01C6A8D9]
X-Spam-Score: 0.0 (/)
X-Scan-Signature: e8a67952aa972b528dd04570d58ad8fe
Cc: Lisa Week <Lisa.Week@Sun.COM>, nfsv4@ietf.org, nfs@lists.sourceforge.net, Spencer Shepler <spencer.shepler@Sun.COM>, Brian Pawlowski <beepy@netapp.com>, Andreas Gruenbacher <agruen@suse.de>
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/nfsv4>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
Errors-To: nfsv4-bounces@ietf.org
What does Solaris do about chmod +s? Does it modify the ACL? -----Original Message----- From: Sam Falkner [mailto:Sam.Falkner@Sun.COM] Sent: Saturday, July 15, 2006 9:56 AM To: J. Bruce Fields Cc: Lisa Week; nfsv4@ietf.org; nfs@lists.sourceforge.net; Spencer Shepler; Pawlowski, Brian; Andreas Gruenbacher Subject: Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction / mask,draft-ietf-nfsv4-acls-00 not ready On Jul 11, 2006, at 9:46 AM, J. Bruce Fields wrote: > On Tue, Jul 11, 2006 at 08:29:21AM -0400, Sam Falkner wrote: >> That's not how Solaris works either. Sorry, I should have explained >> it better. In Solaris using POSIX-draft ACLs, chmod() changes both >> the group permissions and the mask, simultaneously. I now understand >> why you were hesitant to have chmod affect the group permissions, but >> having it affect both mask and group solves both problems. > > I think you're missing the point of his example. The point is that a > chmod-using application may expect the sequence chmod(600) chmod > (664) on > a file with mode 664 to be a no-op. > > But if chmod() changes both group and mask bits ("owning group" and > "group file class" bits) then this sequence isn't a no-op any more in > his example. It gives GROUP@ write permissions. Okay, understood. > So Andreas is trying to ensure the property that any sequence of > chmod's that leaves the mode bits the same also leaves the ACL the > same. I agree that that's a nice property. Perhaps, but I think having chmod unable to set the mode to be a much more undesirable property, to put it mildly. > What I'm not convinced of yet is that this is really worth caring > about much. Is this common application behavior? Have there been > complaints about this from people using Solaris's ACLs? I did some more research, and found that the Solaris chmod() system call does pretty much what Linux does -- the group permissions of chmod() affect the mask, not the group permission bits. Originally, the chmod command did the chmod() system call, and not much else. There were many complaints about this. So many that the chmod command line was changed to do the chmod() system call, and then, in the presence of an ACL, fix the permission bits. In other words, the bug was fixed. I have found no complaints about the current Solaris behavior, where chmod affects group permissions. - Sam _______________________________________________ nfsv4 mailing list nfsv4@ietf.org https://www1.ietf.org/mailman/listinfo/nfsv4 _______________________________________________ nfsv4 mailing list nfsv4@ietf.org https://www1.ietf.org/mailman/listinfo/nfsv4
- RE: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Noveck, Dave
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Lisa Week
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Andreas Gruenbacher
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… J. Bruce Fields
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Spencer Shepler
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Andreas Gruenbacher
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… J. Bruce Fields
- RE: [nfsv4] Re: [NFS] NFSv4 ACL and POSIX interac… Noveck, Dave
- Re: [nfsv4] Re: [NFS] NFSv4 ACL and POSIX interac… J. Bruce Fields
- RE: [nfsv4] Re: [NFS] NFSv4 ACL and POSIX interac… Yoder, Alan
- Re: [nfsv4] Re: [NFS] NFSv4 ACL and POSIX interac… J. Bruce Fields
- RE: [nfsv4] Re: [NFS] NFSv4 ACL and POSIX interac… Yoder, Alan
- Re: [nfsv4] Re: [NFS] NFSv4 ACL and POSIX interac… J. Bruce Fields
- RE: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Noveck, Dave
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Sam Falkner
- RE: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Noveck, Dave
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Sam Falkner
- RE: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Noveck, Dave
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… J. Bruce Fields
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Sam Falkner
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Sam Falkner
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Sam Falkner
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Andreas Gruenbacher
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Sam Falkner
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… J. Bruce Fields
- Re: [nfsv4] Re: [NFS] NFSv4 ACL and POSIX interac… Andreas Gruenbacher
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Andreas Gruenbacher
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Sam Falkner
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Andreas Gruenbacher
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Andreas Gruenbacher
- Re: [nfsv4] Re: NFSv4 ACL and POSIX interaction /… Sam Falkner