[nfsv4] Re: Our different approaches to draft POSIX ACL support in NFSv4

Chuck Lever III <chuck.lever@oracle.com> Tue, 23 July 2024 21:26 UTC

Return-Path: <chuck.lever@oracle.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E20ACC1519A3 for <nfsv4@ietfa.amsl.com>; Tue, 23 Jul 2024 14:26:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.103
X-Spam-Level:
X-Spam-Status: No, score=-7.103 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=oracle.com header.b="RN+m+y3y"; dkim=pass (1024-bit key) header.d=oracle.onmicrosoft.com header.b="sK0CAXzv"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oHCU1UJ3ReMw for <nfsv4@ietfa.amsl.com>; Tue, 23 Jul 2024 14:26:43 -0700 (PDT)
Received: from mx0a-00069f02.pphosted.com (mx0a-00069f02.pphosted.com [205.220.165.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 16476C14F70D for <nfsv4@ietf.org>; Tue, 23 Jul 2024 14:26:42 -0700 (PDT)
Received: from pps.filterd (m0246617.ppops.net [127.0.0.1]) by mx0b-00069f02.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 46NGQTBC021314; Tue, 23 Jul 2024 21:26:37 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h= from:to:cc:subject:date:message-id:references:in-reply-to :content-type:content-id:content-transfer-encoding:mime-version; s=corp-2023-11-20; bh=UX90cHdVj5aMa+egONiUVYl8SniADv9rPhLg7a94+ a8=; b=RN+m+y3yf30FOy0nSgBKk6RaMObBMUpXQKs1yWp7m3H8vK6av8GHvAnGy UgAd+L9fAA5JqL5RVEs1nfrLoBzBVJ69MzNOe/9axKcnbOzVVMprj30R7Gu0htF8 tqCMhOjjxOjxjP8SXlHajVG4lo2lzVjzEhypya0CzhOeh/0n6OHZcEmLIfqURi4V Zsa/QC3Oh10qNN8tlQ/Trbcoxgz71OoeYG8he+H1A6MvUIOzmU3WL7AZPqAqydxi aHaLuggJVbE65paePM5ihjwamxTml8BFqje+q486FdkcfcW/wYkHB4KgE7LuX82G +1h1kP9Ms2cvJCn7JqKIxwwDj5kSQ==
Received: from phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com (phxpaimrmta02.appoci.oracle.com [147.154.114.232]) by mx0b-00069f02.pphosted.com (PPS) with ESMTPS id 40hfxpfvs7-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 23 Jul 2024 21:26:37 +0000 (GMT)
Received: from pps.filterd (phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com [127.0.0.1]) by phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com (8.17.1.19/8.17.1.19) with ESMTP id 46NKNvTx018877; Tue, 23 Jul 2024 21:26:36 GMT
Received: from nam11-bn8-obe.outbound.protection.outlook.com (mail-bn8nam11lp2177.outbound.protection.outlook.com [104.47.58.177]) by phxpaimrmta02.imrmtpd1.prodappphxaev1.oraclevcn.com (PPS) with ESMTPS id 40h280799d-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 23 Jul 2024 21:26:36 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=bZHgU/u8jBgt+MkXkW75VP8flHN+79tRF+yssDK2GWuHSsOetYz4kTohOnt4SWuv9AjJti48rsvRVcuPJOJvDWTzMFGTai8MQ2EoGkxnvbyMRGJ5Xe7c+cmCSgEQEAwvbZR/q44+XleDM86ES33MLM7bILhUJKUCru7xVK8xFFMpJAIp0FsHGzPDQQ01HJTLHY2EMrozMGX0ihgkHPZ+rb97SAkTAg99KhRMsLFidVv1t62CZG5Us54OqNx62sZ0B6bUADFQBtvpaaa0iXet4UTYWIkV++HZya9zpsTdpfHmw3HNSU/9r1XxJSTv41fFPHBWCUrgDCBltUScnU9HmQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=UX90cHdVj5aMa+egONiUVYl8SniADv9rPhLg7a94+a8=; b=D3bJQbkJ7/TGZSinL8ugEAtXMjLlrkYi/zRuk2Z52KC+ZPuhimT6HTdGry8UIlMr+n3oqxK9KmUDNrZcOUB78hItfRpUMS49zJy5dUNPBupaX/jUGr6hy6/e+NHjGwPx2rpOZYRcqUmPy+yW1RDTh5pSoNHaobF7GfH+nmYhft07sC5b/UpbL6+mW77Njm3yC645vEWBN5TM2iF15BwY8uTvtIJRg+BswNn3G+edq4XnuES/SlD8xb+/cNgSYz66YZ7DRz6hQDOeYHwDlbx5CcN87+22qD7i2r7e0kCvI+Z1zh9fKDE4lj163pqQvhCmFOUfEeQx6EV34PqbgSqJ5A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.onmicrosoft.com; s=selector2-oracle-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UX90cHdVj5aMa+egONiUVYl8SniADv9rPhLg7a94+a8=; b=sK0CAXzvB8bZrIfze5giWwCeVFMOc/piR1ahzLP7lcXO9KzJF2ONdVcBWn5JffvCTXpHqCmVEwlGIDL2rrtX/Ep+QcGKuoZ4w9MA3E4ykQbISXYJZe0sVc8zZ5tcWGapgmfess4em17BPJUbffz6pbUXxXElAGQf0vyHLatC2cA=
Received: from DS7PR10MB5134.namprd10.prod.outlook.com (2603:10b6:5:3a1::23) by LV3PR10MB7937.namprd10.prod.outlook.com (2603:10b6:408:21c::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7784.16; Tue, 23 Jul 2024 21:26:34 +0000
Received: from DS7PR10MB5134.namprd10.prod.outlook.com ([fe80::39b2:9b47:123b:fc63]) by DS7PR10MB5134.namprd10.prod.outlook.com ([fe80::39b2:9b47:123b:fc63%6]) with mapi id 15.20.7784.017; Tue, 23 Jul 2024 21:26:34 +0000
From: Chuck Lever III <chuck.lever@oracle.com>
To: Trond Myklebust <trondmy@hammerspace.com>
Thread-Topic: [nfsv4] Our different approaches to draft POSIX ACL support in NFSv4
Thread-Index: AQHa3RTFYzFOw6m660aPyWj6h8Al8rIEnNMAgAAP2ACAABoegIAADPyA
Date: Tue, 23 Jul 2024 21:26:33 +0000
Message-ID: <449AF448-1471-47CD-B5C5-3A3A5FB9FB12@oracle.com>
References: <CADaq8jdvZ5pcFNN5zjuVHLTO30v9=2kYKzFdRxxbkTmHYZdTdA@mail.gmail.com> <CAM5tNy7Fw954gCzYHCTjRg7th_njSHhxznni48Zz4xsSXT631A@mail.gmail.com> <53DAEF45-2A4D-4066-97C2-7B09018DE99B@oracle.com> <CAM5tNy6a4ZG90i2ugXzuPqQ1zrsK9m8jLRKmv9VpnFG6m_Pqew@mail.gmail.com> <DD250FBD-A434-4294-818A-5728757CE032@oracle.com> <d1c538065728c17df66a6f9e79e55d90849fc866.camel@gmail.com> <D352FEB9-A487-4B3E-9BC8-DB2C1896F941@oracle.com> <8efc39289ecef97624622cfc431f890736b579a0.camel@hammerspace.com> <33FA1D6E-73B3-43A1-B65C-D806156E39A5@oracle.com> <cf8a48e517210512755455dd78352ae5b64f7949.camel@hammerspace.com>
In-Reply-To: <cf8a48e517210512755455dd78352ae5b64f7949.camel@hammerspace.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3774.600.62)
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DS7PR10MB5134:EE_|LV3PR10MB7937:EE_
x-ms-office365-filtering-correlation-id: 639335bb-b985-425d-a048-08dcab5e207e
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|376014|1800799024|366016|38070700018;
x-microsoft-antispam-message-info: cxXGDh8hCCPXadC7E05E8BZTcOV8eCE2sK0u8nUB54e1bdsBnI7I0KUgDn1lzM+9EwFufY9PJ/BOBM+iMzAkn1Oxe7Okg/6pfWH+hnMWGYIsswyZwriA0t3gQIJDMLtx1cNBdQTbCQ1uXne+OkHTCWJOktDDmKW89h5TOyh+8r+Jyn0XXWEXj97Ul6UpbBSFdd8v/iSiV/91gFW7w6pRKmRnnyYnq1lQSKtNeTz2ZTIlbrjN0IKNGwUXD4pkMjWXoxF3N0HesyTXKGKCJ0A28dwDEAn99EBGQ6emrTA2zvGpUolb9IQEqAWN8wbHzok6KFntARsmxDY/C4xq20BFZnAjABYNsIGmRZ+obZvZqGWfe4OaAKBhDcK4EIEJnP8c4hm4qFH1mXzrjeC8OybAkQ8hG4lRXNpXSeftWWPnNFPeeE/cCAlhjyTMac8FsOTkiVfqo4vwKRKpPSmhDIMOE4ZO2T8YoexgzWDNOBGYeiYB70gPmY5YKPt9NWVzApO/YQcS8/Cn3XA3ByNi8NsF78qhIyVQuzfCnTdHa8RqncEkm0IpNvMMcoeBkmtPsUcWFCQW3/AhvXIq1N+CRiTOY438w/sKzzpRCaqaXBOSc3SqLYp8iKFVOqqfpYzHiliAcVxo50Qu/9WKjI2ZR/O1RC5HCfFaDhrb/ixpYTKuccy9vzyuImghPma3PqG6eesxXKV21VGGV2IbdKhlPcURAXfblffpG4aBNx8VAKDdphNe4AXZo1cFGEgYccfDH2BI7cbCog3IaxieXSi+4hvNBE/qWy4Tr4ReJ6dS10p83ZjkENwcPPOSTHMHlfxxPNF0NFJjqUm3L7hlrNrlt6brJj/Lmfu6tKbjWqCOUDzuZrmoHVVbro3mzcggrEdQypIJxn6iHOjIyacbFhmiAGGwwfUnXTts4CLvKK6KqQEO7bSpM24RSipme+xaHwLeH1D5h25ToU14Ydh6uenD5ZPO3RhyzwqE0CYCgea0PK7k+QsI2xbpdWt8FZXfOm2gJRlOJLClYiTmLUmdcI4vh73DpBzGOc7io3X/jBspU6dfM5mxhKf/y7wQbFVgmq6WlBqnDkm77sNcCVROHgn4IOaAQbL2mEy7Qt1Yr/ol7g8c/rUPGzOU1cM55fJWxxmbtspbJWW3oJ4h+9/xn5yRFY8eOZ/6h2bgSRat71hMPrTl3YNVq1S+YqQSy14suOYPTSWEhpt9Te99CqTSTC7MOuswslet/+KgOiDM9AiOo+ur2UgSifHx6RU1EqwcH69P0HMRX1ljawxxARbdYeKVwp1s62VhGRkhb/LcmnViaJmZM9RIWSBxuuQfPYsvZUxEoaDmSmW3XGH8QaZec5HDdiHVMjY/peNNLSxLmrDIKNecpVQ=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS7PR10MB5134.namprd10.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016)(38070700018);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: x/ruiZish+OU5N3ZWTh6Ws+C/8d38QYGLV6P4AI3TKjgW47m+sTs4OgvyOFb/qaUtaFZIfu441BUknq3QyX9AiGvqQBUYMbTfW7yYQbGWKdTd2Vf1Pya+INGXHFQvZ4vekvkPqwaZXhpcq8HtfKxhKb7vgAS/K1oS6UHpPnP5hw+JEFbLMv6DmHYU6s5MVvLNVhOs+mdKGtxj8wew+dZTNc+hWkOQ16X2o/4oIC96Zz3X6m8OS8q5a3aMBoZQ4qgEt0h193HOdF2ewL42Qk/dSGGmYFv8ABHjVS3ZTKHVX4TAozjc2wWZok+KegCq9DpBAvdJW8Dvejgg7FYdMueVMRceLLaYruaTenYAELkh6j8zrtCwnc1bFHg0uxVdM5WfJD5w6a3eoRID1ZmSoo068VaO+YJEPJkJMDXQWsr3ybML4perNxceCmONwEhVkJEeiFC3M8nC0o8wtDdYFR/pvFoFLBJXiRcpLhrcCELTL9v0o3LhAxictO/HFvhpzA9thvb409pfX7gBo1nid0AZdY/Eg9CbzIt/OtQ1lTUzI79gOAPWRodaAbiqvariaAcLijn6PkcSF4v/ItjtE9e+PUa7JBoT6FW/GVSZdZBJ61sCNAOauLYI10KHrZ86Ll429agP7w6nq0wWpGzmmJTNH7zmozrqnsZFWR24oX+NDT0G9C8c0yutyNjjFkN6Che2j61nBchhVjYc+zVqII3YABemxPTniT1yqilv4WpUjjWCdkiuLPlVsKr4bfcrsmMf9TZxMPVaLh6Ed530Zx64i1lUttMWWZqPTBTGV7S6oek6MpmqnQIXF0XJ+NNAe0bdbVfCfnBSTcTofr5KsfArDqQ5Z/GQxNcUGsWNGhVh7NGxxSHp17pucCBCGlw3N/9DgXhVMDp9mRyf5rTRnBSDSvU1a9cSuICFZmf/ie72zkAdSKbkL2swMEb062xGXum9johqy0cWCa6Ac8QX+WYSu0SCwxjm/xO8eqwBQE5MPNH3CL8Enpcy3an8LHX0yJ9XxoX/DRT8rN7n5PfU9emwlF74rgGuWt3+b2VSR4y/rB+5M1jDZj9vI9BszAhrLhIoFdqW7nd1jGHXwgtCOZtnknkk5kgeuDDtc1emzqxlmUHQGA2O8hZkBx/wfV+myNHxSGgphKwoeDRIHNE/0CQsYWF+c/EMV3PhSF0tfKeyqIvDPb1s2rsQikGGAE1sM7d3A4vEja5YW4znevS8RWaodQjnAvfbqZzof6wZMLiELXT6Ea4a7cPMJIKToFjhP4TqVL+iUouWQLaXfQKwdSdNookwlWTuW8Nc54G7nLNEzVruKUZDLQ7kgbjPi3r5CqhuFfTIpPVfWFHIOMlvtSv6NeQWBOD+yvrV8dNgBCCNmtb4ec6dcMnBZSMw8HqmcTGGvTTIiUPrrC4H8h5i6O2KVVdUf83xDf0/MPqC8E3tNYp2uC5HTmhW4siWQR0svXekvyxTi3RMlb6XpZ67ANq92f7WviuIRz3yJiD0ipVlmZn8BmY75C1+NgeDzYhPX4srvTQEzhnyd564mzX6Wrj0u5glTt+xgjAx/EFtMEEXc0I1G0g2DtvmKqIu0CafsgR5zJTmRmck8kh2CwfUtoeow==
Content-Type: text/plain; charset="utf-8"
Content-ID: <9C5A60EAE28B034CAE5E468CEF7D4D57@namprd10.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: +oIUk7+tmQrN9O+NbXTfq5R1RYWfrJrY9kjEHTimhoPWfTJ+CvLx7zZEi2RQgzQt4eKlMfHjdSqzwxm7UZW5B/AK3jN57jy54jkBx/MdW7EF2+MR3qqmPwLhENBnwnjtjxaKbmlNeSBoMMjRVbkNFyM8zALsLwzWfAW4RdaWCoNckPlatBCDZOslnKXJ0iW90fu3w8M8ig7O1GxKrDKQS97QvJDfDxYVlZlMbcn8FhqYr/eAoE0ab2Xywgs+/0Dh7HSIVJx7tSWIEk8Bc2SVIMnlCQWRSttSXUiimgcfp8WnC5Nt+tYeDIVvBE+bJJS9gWmQIohnyvU0i5Qp9e9sVWhVZ16insQA6KMoEdrpxxFHI8MjxrIN81uSlRUVBMxa0Pw5dYxyaLwfftbcZbu7gbGaeQjX6bqUnf0E7CCxaTh1Pddl54tAsiVHExcBYMgaosMyPvhWwQLuDXVKqC3VDndRXQ9EaK3nshgLSWw/wDIj/ZGfNKTqGxRFlJEvREd8MYbSb6Njc/4CHDnQmVzISaBsBDqhv9VfLvapz/GWet3NN9ZmYB74eWlzSH93rkTpQ1EkIgGjJW3wHv1lNXh1q/uGRhUX5nudpl3FUlWI7NM=
X-OriginatorOrg: oracle.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DS7PR10MB5134.namprd10.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 639335bb-b985-425d-a048-08dcab5e207e
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Jul 2024 21:26:33.9697 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: a+LxmLx1Odm6eFP5lOwVUiia3aSzEbpm44Bd+J+1529EMnyjodZh+ayDhrWsSAHKO6p3lGH3oMKqcc6EL1x+lg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV3PR10MB7937
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1039,Hydra:6.0.680,FMLib:17.12.28.16 definitions=2024-07-23_13,2024-07-23_02,2024-05-17_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 bulkscore=0 suspectscore=0 mlxlogscore=999 adultscore=0 phishscore=0 spamscore=0 mlxscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2407110000 definitions=main-2407230149
X-Proofpoint-GUID: 1ioNjUb3FN50l89eburGKOfJH7gQS-z5
X-Proofpoint-ORIG-GUID: 1ioNjUb3FN50l89eburGKOfJH7gQS-z5
Message-ID-Hash: HBSS5NTYJB32AIWJ7IWODU4QW5VCTWPR
X-Message-ID-Hash: HBSS5NTYJB32AIWJ7IWODU4QW5VCTWPR
X-MailFrom: chuck.lever@oracle.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-nfsv4.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Bruce Fields <bfields@fieldses.org>, "nfsv4@ietf.org" <nfsv4@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [nfsv4] Re: Our different approaches to draft POSIX ACL support in NFSv4
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/DdnaQHk72C6bmCLI1ANNWEioJuI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Owner: <mailto:nfsv4-owner@ietf.org>
List-Post: <mailto:nfsv4@ietf.org>
List-Subscribe: <mailto:nfsv4-join@ietf.org>
List-Unsubscribe: <mailto:nfsv4-leave@ietf.org>


> On Jul 23, 2024, at 4:39 PM, Trond Myklebust <trondmy@hammerspace.com> wrote:
> 
> On Tue, 2024-07-23 at 19:06 +0000, Chuck Lever III wrote:
>> 
>> 
>>> On Jul 23, 2024, at 2:09 PM, Trond Myklebust
>>> <trondmy@hammerspace.com> wrote:
>>> 
>>> On Tue, 2024-07-23 at 15:27 +0000, Chuck Lever III wrote:
>>>> 
>>>> 
>>>>> On Jul 23, 2024, at 10:27 AM, Trond Myklebust
>>>>> <trondmy@gmail.com>
>>>>> wrote:
>>>>> 
>>>>> On Tue, 2024-07-23 at 13:54 +0000, Chuck Lever III wrote:
>>>>>> 
>>>>>>> On Jul 22, 2024, at 7:13 PM, Rick Macklem
>>>>>>> <rick.macklem@gmail.com>
>>>>>>> wrote:
>>>>>>> 
>>>>>>> I just looked at opensolaris/usr/src/head/rpcsvc/nfs_acl.x
>>>>>>> which I think is the closest thing there is to a spec. for
>>>>>>> NFSACL.
>>>>>>> (FreeBSD does not implement this protocol and all I know
>>>>>>> about
>>>>>>> it
>>>>>>> is what this little .x file indicates.)
>>>>>> 
>>>>>> That's excellent, thanks for finding it.
>>>>>> 
>>>>>> My concern about this is that the cited .x file falls under
>>>>>> CDDL, and thus cannot be used directly by a GPL-encumbered
>>>>>> OS like Linux, nor can it be contributed to the IETF in its
>>>>>> current form.
>>>>>> 
>>>>>> This is clearly prior art.
>>>>>> 
>>>>>> My question then is whether we should endeavor to produce
>>>>>> an Informational document that describes NFSACL without
>>>>>> encumbrance -- ie, get Sun-Oracle to contribute that work
>>>>>> so that it might be used openly.
>>>>>> 
>>>>> 
>>>>> Why do we care?
>>>> 
>>>> As I explained, we do want to have a protocol specification
>>>> for NFSv4 that will not be disruptive to folks who were using
>>>> NFSv3 and are now accessing the same ACLs via NFSv4.2+
>>> 
>>> No we don't.
>>> 
>>> We need a new protocol specification that works correctly with the
>>> draft POSIX acls in use with existing Linux and other filesystem,
>>> and
>>> that supports all the features of the IEEE 1003.1e draft 17
>>> document
>>> that were implemented within Linux and the *BSD.
>>> Once we have that, I will happily plug that implementation into the
>>> inode 'get_acl()' and 'set_acl()' callbacks, and people will be
>>> able to
>>> use the bog standard getfacl and setfacl utilities to control the
>>> POSIX
>>> ACLs as if they were running on a native filesystem.
>>> 
>>> If people then still want to use the nfs4_getfacl and nfs4_setfacl
>>> tools to use the existing ACL attribute against a server that
>>> implements the draft-ietf-nfsv4-acl-mapping-05 (or whatever it is
>>> that
>>> the Linux server actually implements) then they can continue to do
>>> so
>>> without any further help from this committee. There will be no need
>>> to
>>> encourage the development of further broken implementations, if
>>> there
>>> is a real NFSv4.2 API that can replace it.
>> 
>> That's all very nice, but....
>> 
>> I'm not talking about mapped NFSv4 ACLs or
>> developing legacy implementations, so let's put
>> aside those straw men, please. You seem to be
>> getting excited about something I didn't write
>> nor did I intend.
>> 
>> The proposed fattr4 POSIX ACL support needs to be
>> compatible with NFSACL as well. The view of POSIX
>> ACLs from an NFSv3 mount needs to be compatible
>> with whatever can be seen via the proposed NFSv4
>> POSIX ACLs.
>> 
>> At the very least, those compatibility requirements
>> need to be stated in acls-04. I wasn't necessarily
>> looking for an on-the-wire form of compatibility,
>> that's just what Rick brought up in the discussion.
>> And I had no idea that NFSACL had a version 4.
>> 
>> But semantic compatibility is needed, and that is
>> complicated by not having a published first-order
>> description of the legacy semantics.
>> 
>> Further, acls-04 needs to address the fact that what
>> it is to propose looks semantically and on-the-wire
>> a lot like NFSACL, and that protocol has been in the
>> wild for 25+ years, has no published specification,
>> and is very likely encumbered. This IP issue has to
>> be spelled out and addressed somehow.
>> 
>> A simple, concrete proposal would be for Oracle to
>> contribute NFSACL to the IETF via an Informational
>> document similar to RFC 1813.
>> 
> 
> The draft POSIX ACL spec is not based on some spec for NFSACL. The
> draft POSIX ACL spec is IEEE 1003.1e draft 17.

This distinction is likely to be lost on casual or
even somewhat expert readers -- perhaps a reader
who is not technically informed but is looking for
a legal opportunity. The /purpose/ of NFSACL and the
proposed protocol are the same, and so is the set
of architects who are working on these protocols.

acls-04 should therefore recognize that NFSACL is
prior art and explain the differences in provenance
that unlink acls-04 from NFSACL. For extra credit,
use the term "clean room implementation" in one or
more complete sentences.


> The contents of the NFSACL xdr file are at best a description of an API
> that we will not be wanting to follow, because it describes an RPC side
> band protocol, and is based on NFSv3 semantics. It does not describe
> draft POSIX acls.

Which is why I agree that nfs_acl.x by itself is
not up to the task of backing up IP claims, and
would like to see more substantive documentation.


> If you want a reference that is independent of the IEEE draft, then why
> not instead go for Andreas' Freenix paper from 2003?
> https://www.usenix.org/legacy/publications/library/proceedings/usenix03/tech/freenix03/full_papers/gruenbacher/gruenbacher_html/main.html
> That actually describes in detail the spec that needs to be followed.

IMO this doesn't address the IP issue at all.


--
Chuck Lever