[nfsv4] RFC: new optional attribute related to owner-override

Rick Macklem <rmacklem@uoguelph.ca> Sat, 29 January 2022 22:59 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/jYIiRsBxHAqyuV3Qcl4b278q2F4>

I am thinking of adding this attribute to my draft, but thought
I'd ask for comments first.

This one would be per server (for a given client's ClientID) and
would apply to the following operations:
Read, Write, Setattr-of-size, Allocate, Deallocate, Copy,
Open(Claim_delegate_cur/Claim_deleg_cur_fh)

I am thinking of a tri-state attribute:
1 - A permission check is done via mode or ACL for each of the
     above operations.
2 - The owner of the file is permitted to perform the above operations.
     For non-owner requests, a permission check is done via mode or ACL
     for each of the above operations.
3 - The operation is permitted, if an appropriate valid stateid(s) (not
     special stateid(s)) is provided, plus:
    - The client has been peer authenticated.
    - At least integrity protection is being applied to the connection the
      request is received on.
    (Appropriate stateid would be defined, but for this discussion, I think
     what is appropriate should be fairly obvious. Note that a lock_stateid
     is always associated with an open_stateid via open_to_lock_stateid and
     the open_stateid is for Read, Write, or Both access.)

A server would not be required to support all 3 attribute values and
would return NFS4ERR_INVAL for any value not supported when a
Setattr of the attribute is attempted.

The setting would apply to the ClientID implied by the Sequence
operation for the compound the operation is in.

The object would be to both document what the server implements
and to allow a client to select a preference, for servers that support
more than one of the above 3 attribute values.
(Probably an enumerated type when done in XDR.)

So, what do others think? rick
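
Added example, not part of the message above and not taken from any NFS server: a small C model of how a server might evaluate the three proposed attribute values and reject an unsupported value on Setattr. The enum and struct names are hypothetical; treating a stateid as "appropriate" when its share access covers the requested access, and falling back to the mode/ACL check when the conditions for value 3 are not met, are assumptions the proposal leaves open.

```c
#include <stdbool.h>
#include <stdint.h>

/* NFSv4 status codes as defined in RFC 7530 / RFC 8881. */
enum { NFS4_OK = 0, NFS4ERR_ACCESS = 13, NFS4ERR_INVAL = 22 };

/* Hypothetical names for the three proposed attribute values. */
enum override_mode { OVR_ALWAYS_CHECK = 1, OVR_OWNER = 2, OVR_STATEID = 3 };

enum { ACC_READ = 1, ACC_WRITE = 2 };  /* same bits as OPEN4_SHARE_ACCESS_* */

struct request {                /* constructed model of one I/O request */
    uint32_t uid;               /* requesting principal */
    unsigned need;              /* ACC_READ and/or ACC_WRITE */
    bool     stateid_valid;     /* stateid is known for this ClientID */
    bool     stateid_special;   /* anonymous or READ-bypass stateid */
    unsigned stateid_access;    /* share access of the backing open */
    bool     peer_authenticated;
    bool     integrity;         /* integrity or better on the connection */
};

struct file { uint32_t owner; unsigned owner_bits, other_bits; };

/* Stand-in for the server's real mode/ACL evaluation. */
static bool mode_allows(const struct file *f, const struct request *r)
{
    unsigned bits = (r->uid == f->owner) ? f->owner_bits : f->other_bits;
    return (bits & r->need) == r->need;
}

/* Setattr of the attribute: values the server does not implement are
 * rejected with NFS4ERR_INVAL and the current setting is left alone. */
int set_override_mode(unsigned supported_mask, int value, int *current)
{
    if (value < 1 || value > 3 || !(supported_mask & (1u << value)))
        return NFS4ERR_INVAL;
    *current = value;
    return NFS4_OK;
}

/* Access decision for Read, Write, Setattr-of-size and the other listed ops. */
int check_io(int mode, const struct file *f, const struct request *r)
{
    if (mode == OVR_OWNER && r->uid == f->owner)
        return NFS4_OK;                         /* value 2: owner override */
    if (mode == OVR_STATEID && r->stateid_valid && !r->stateid_special &&
        (r->stateid_access & r->need) == r->need &&
        r->peer_authenticated && r->integrity)
        return NFS4_OK;                         /* value 3: stateid is the grant */
    /* Value 1, non-owner under value 2, and (assumption) unmet value 3. */
    return mode_allows(f, r) ? NFS4_OK : NFS4ERR_ACCESS;
}
```

Under value 3 the stateid effectively becomes the authorization token, which is why the model refuses special stateids and requires both peer authentication and integrity protection before skipping the mode/ACL check.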