[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [PATCH] Basic support for checking NFSv4 ACLs in Linux
From: |
Ondrej Valousek |
Subject: |
RE: [PATCH] Basic support for checking NFSv4 ACLs in Linux |
Date: |
Tue, 15 Nov 2022 09:17:18 +0000 |
> * If an ALLOW entry has any mask bits set that don't correspond to the UNIX
> rwx permissions, we don't have a trivial ACL.
Do we really have to do this?
I mean from RFC8881:
" The server that supports both mode and ACL must take care to synchronize the
MODE4_*USR, MODE4_*GRP, and MODE4_*OTH bits with the ACEs that have respective
who fields of "OWNER@", "GROUP@", and "EVERYONE@". This way, the client can see
if semantically equivalent access permissions exist whether the client asks for
the owner, owner_group, and mode attributes or for just the ACL."
... I take it these 3 ACEs should always represent mode bits.
Or if you really wish I can shamelessly steal the AIX code there and put smth
like this:
If (aceMask & ~(ACE4_READ_DATA | ACE4_LIST_DIRECTORY
| ACE4_WRITE_DATA | ACE4_ADD_FILE
| ACE4_EXECUTE)) == 0)) return 1;
Thanks,
Ondrej
- RE: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Ondrej Valousek, 2022/11/07
- [PATCH] Basic support for checking NFSv4 ACLs in Linux, Ondrej Valousek, 2022/11/09
- RE: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Ondrej Valousek, 2022/11/11
- [PATCH] Basic support for checking NFSv4 ACLs in Linux, Ondrej Valousek, 2022/11/14
- Re: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Andreas Grünbacher, 2022/11/14
- RE: [PATCH] Basic support for checking NFSv4 ACLs in Linux,
Ondrej Valousek <=
- Re: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Andreas Grünbacher, 2022/11/15
- Re: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Andreas Grünbacher, 2022/11/15
- RE: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Ondrej Valousek, 2022/11/15
- Re: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Andreas Grünbacher, 2022/11/15
- RE: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Ondrej Valousek, 2022/11/16
Re: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Paul Eggert, 2022/11/14
[PATCH] Basic support for checking NFSv4 ACLs in Linux, Ondrej Valousek, 2022/11/24