[nfsv4] Re: Our different approaches to draft POSIX ACL support in NFSv4

Rick Macklem <rick.macklem@gmail.com> Sat, 27 July 2024 01:40 UTC

Return-Path: <rick.macklem@gmail.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 77519C1D4A68 for <nfsv4@ietfa.amsl.com>; Fri, 26 Jul 2024 18:40:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.107
X-Spam-Level:
X-Spam-Status: No, score=-7.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P12RymEYMRWy for <nfsv4@ietfa.amsl.com>; Fri, 26 Jul 2024 18:40:51 -0700 (PDT)
Received: from mail-pj1-x102c.google.com (mail-pj1-x102c.google.com [IPv6:2607:f8b0:4864:20::102c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 06120C1CAF59 for <nfsv4@ietf.org>; Fri, 26 Jul 2024 18:40:51 -0700 (PDT)
Received: by mail-pj1-x102c.google.com with SMTP id 98e67ed59e1d1-2cb5789297eso1034224a91.3 for <nfsv4@ietf.org>; Fri, 26 Jul 2024 18:40:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722044450; x=1722649250; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=Ackuo4t9uTE+Nf7QP0kjv42CAngrWoWBuKQnCCiilkI=; b=McmJ6kos9hCMtbLHb+Vk4zPatoMRiI5cRP/+XTW9J8ljrjbn8X2kT6kNWuwSt25dI0 4bNXczrnWxLnZ9StFTHSJsUPeHodWxfHwzEYoT3aY+9+2YrdmreA40p5X7+xdzyOdNDK 5Nn/KCeO0oLwVUYZRkeOU71I5/sdvn+PZ1tjeUyf3lyCQD62s5wJ6ttue9852OKIcC/i Fel7yO3+MiTI70GypGviKpvqxtBX0izKrgW5KlcHei8XQJeHDjhzOH2SUQhar5kMJ2ng bH/vex4KKXWfgsjXnaV9m0emVm8DAJvKnHo1jdba2L+EpbOrony7ubVL/3OW/PoEino7 KnWA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722044450; x=1722649250; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Ackuo4t9uTE+Nf7QP0kjv42CAngrWoWBuKQnCCiilkI=; b=tPKwSSXELTdncbzOYW7uSOq7XXhk9jATxG5Eo8GmXk73tQRXnMszQMbLLgrcNcDwYN cI9ohq0blQb6IInQOKLgKwAUCfHN3jFKXqmZnzYMEv2cvIKaAI5D3meqSbvHBpLLIG48 RiUnROCewcz++2sj6fY/AfN5WagQVar1wbKzJWFTYMk/DQRDCzj7oHjDR2Un8E/uHK+H DsikIIbIl7wEqxSq9BSrOc9AV9AG4Mu1j8sTEt7j+rHqteZ/RIiBZwZVSiIsUv7ZerPq aWJ5kuQg7E1hjnvpG1yTmVScVtFT6qcr8TPffC3fSOGxqJivc7h8nta49HSo+wVanvSn d/Nw==
X-Forwarded-Encrypted: i=1; AJvYcCVB/j3h40eAlyCxM6NMkCIO14Uc9+ntve3+2Cst7UpyrjFltovu65J3rtqa4eT1ZfsM6bKDsAolE0s9mzt+8Q==
X-Gm-Message-State: AOJu0Ywrme3cg1AJQnV6DVIdwMuTZ6hJmi3/QECD7LWm3r5I6Ew7T6KG Jqvxfh6aB2plneLliwOPH8kfBf4cG8gg1nh8pjeFt+EgUkgQ7bKVqAQfkSEFbFhFUbP5J7Se86L xiKAZFbgUI3mpLi29R+UZFFDuSA==
X-Google-Smtp-Source: AGHT+IH4inZk8j0/dcyTotsb8R4Zx6sGzNvKT77OPSu5F2oBSUzFxASVFOqKD+3JRQiND0Il5D7y12p8MIxcuPpUwS0=
X-Received: by 2002:a17:90a:eb09:b0:2c9:9eb3:8477 with SMTP id 98e67ed59e1d1-2cf7e1c81a4mr1363879a91.16.1722044450093; Fri, 26 Jul 2024 18:40:50 -0700 (PDT)
MIME-Version: 1.0
References: <CADaq8jdvZ5pcFNN5zjuVHLTO30v9=2kYKzFdRxxbkTmHYZdTdA@mail.gmail.com> <CAM5tNy7Fw954gCzYHCTjRg7th_njSHhxznni48Zz4xsSXT631A@mail.gmail.com> <53DAEF45-2A4D-4066-97C2-7B09018DE99B@oracle.com> <CAM5tNy6a4ZG90i2ugXzuPqQ1zrsK9m8jLRKmv9VpnFG6m_Pqew@mail.gmail.com> <DD250FBD-A434-4294-818A-5728757CE032@oracle.com> <d1c538065728c17df66a6f9e79e55d90849fc866.camel@gmail.com> <D352FEB9-A487-4B3E-9BC8-DB2C1896F941@oracle.com> <8efc39289ecef97624622cfc431f890736b579a0.camel@hammerspace.com> <33FA1D6E-73B3-43A1-B65C-D806156E39A5@oracle.com> <cf8a48e517210512755455dd78352ae5b64f7949.camel@hammerspace.com> <449AF448-1471-47CD-B5C5-3A3A5FB9FB12@oracle.com> <2e32694382df3e70a93edcf40434a41729031e55.camel@hammerspace.com> <83c39a7b12c05b0f1a0fa6e069b08e399864277a.camel@hammerspace.com> <CADaq8jfw1FVH3dxOEJAZLrw_S5y2F6eaGkcfpha4X8BBNWgRSQ@mail.gmail.com> <6903782a95875541489844e33541114f0bf01acb.camel@hammerspace.com> <CADaq8jdFYo_DtRxS3h17dyQSFqXeoR60OjsjMM=o35HDg8ZnNg@mail.gmail.com> <855662e75c4433042fd9875c2c9c5d0244c929da.camel@hammerspace.com> <CADaq8jdZzqt-bXB4YsO=R2qpT9MNfwvSAJyBJng1qjGFTn2tbw@mail.gmail.com> <CAM5tNy5oVnyP66fzZsQXnNQcTYtpQaR59Q6io92F4LX74gPivQ@mail.gmail.com> <7FAE51A2-6E14-412F-8B0A-AC617AE4173B@oracle.com> <CADaq8je9VqYoe8StfezCNjYPD3-dGmbz-zNSO51RBmfzCPcgeA@mail.gmail.com> <F7648EA3-E6A1-4741-85EF-C73801E703D0@oracle.com>
In-Reply-To: <F7648EA3-E6A1-4741-85EF-C73801E703D0@oracle.com>
From: Rick Macklem <rick.macklem@gmail.com>
Date: Fri, 26 Jul 2024 18:40:42 -0700
Message-ID: <CAM5tNy5=hQktYRB6Lvcgr=r3-L68DgXO=TX9dME0ZjeQKf+QSQ@mail.gmail.com>
To: Chuck Lever III <chuck.lever@oracle.com>
Content-Type: multipart/alternative; boundary="000000000000bc4f0e061e30b764"
Message-ID-Hash: 7YCPBJNV35D4Y64QQ7XRVTURD45HHWBM
X-Message-ID-Hash: 7YCPBJNV35D4Y64QQ7XRVTURD45HHWBM
X-MailFrom: rick.macklem@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-nfsv4.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Trond Myklebust <trondmy@hammerspace.com>, Bruce Fields <bfields@fieldses.org>, "nfsv4@ietf.org" <nfsv4@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [nfsv4] Re: Our different approaches to draft POSIX ACL support in NFSv4
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/SoU8sIJjGGJcns2m_q801nB2gY4>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Owner: <mailto:nfsv4-owner@ietf.org>
List-Post: <mailto:nfsv4@ietf.org>
List-Subscribe: <mailto:nfsv4-join@ietf.org>
List-Unsubscribe: <mailto:nfsv4-leave@ietf.org>

On Fri, Jul 26, 2024 at 9:05 AM Chuck Lever III <chuck.lever@oracle.com>
wrote:

>
>
> > On Jul 25, 2024, at 3:36 PM, David Noveck <davenoveck@gmail.com> wrote:
> >
> > On Thursday, July 25, 2024, Chuck Lever III <chuck.lever@oracle.com>
> wrote:
> >
> >> I agree there should be one per file,
> >
> > Definitely.
> >
> >> and that the server's
> >> local file system should determine which type of ACL it can
> >> support.
> >
> > I would think it determines the set of types  it  an support.  This can
> be ofen will be a singleton or the null set.
> >
> >> (I don't envision a scenario where one file system
> >> could support multiple types of ACLs).
> >>
> > I consider it unfortunate that your vision is so limited.
> >
> > I expect to face the issue in the near future since Netapp supports a
> considerable portion of the NFSv4 ACL model and will want to support the
> draft POSIX ACL.
> >
> > I don't think it is reasonable to tell users that they have to get rid
> of their existing ACLs in order to allow them to use draft POSIX ACLs.
>
> Hopefully this can shed a little light on the use case
> that Linux NFSD might prefer -- I'm not denigrating any
> other usage scenarios.
>
> For Linux NFSD, its local file systems can store only
> POSIX ACLs.
>
> In order to provide broad compatibility with existing
> and new clients, I'm thinking that NFSD will provide
> GET/SETATTR capabilities that allow clients to see both
> a mapped NFSv4 ACL and a POSIX ACL per file; the mapped
> ACL will be created from the stored POSIX ACL to satisfy
> GETATTR requests, and access authorization decisions will
> be based on the stored POSIX ACL, as I believe NFSD does
> today.
>
That sounds reasonable to me.  I will note that I thought
(maybe I misinterpreted his comment) Christoph thought the
above was a very bad idea.

I am thinking that there might be use for an additional
new attribute that tells the client which type of ACL is
actually being stored.
That way the client might choose to Setattr that type of
ACL to avoid mapping, while allowing the server to provide
both the acl and posix_acl attributes (doing mapping for the
type not being stored in the server's file system).

Another fun corner is handling of inheritance. POSIX draft
ACLs allow a separate (and possibly different) ACL for
inheritance (called the default) than the one for access.

rick


> NFSD will map incoming NFSv4 ACLs to POSIX ACLs before
> storing them. Storing either type of ACL will wholly
> replace the POSIX ACL that is already there.
>
>
> --
> Chuck Lever
>
>
>