Migrating from NFSv3 to v4 - NFSv4 ACL/permission confusion

Joe Auty joe at netmusician.org
Mon Dec 6 22:34:55 UTC 2010


Edward Tomasz Napierała wrote:
> Wiadomość napisana przez Joe Auty w dniu 2010-12-06, o godz. 23:02:
>> Rick Macklem wrote:
>>> I don't know anything about ZFS, but you could try getfacl/setfacl on the
>>> client and see what happens?
>>>
>>> Edward Napierala (trasz at freebsd.org) did commit a recent change w.r.t.
>>> NFSv4 ACLs and I remember the discussion saying something like "after
>>> this change, chmod no longer does anything once ACLs are enabled, but I
>>> have no idea if it is relevant.
>
> Erm, no.  There is a change in the queue that will change chmod behaviour
> wrt. ACLs, but 1. it's not committed yet, and 2. chmod will continue to
> work.
>
>>> Also, make sure "ls -l" is not reporting "nobody". If the user/group
>>> name mapping isn't working, most Setattr Ops will fail.
>>>
>>> rick
>>>
>> Thanks Rick,
>>
>> I will look into this, but for the benefit of my own education, are
>> NFSv4 ACLs supposed to be intertwined or separate from standard Unix
>> permissions? I'm confused as to how the ACLs have changed from v3, or if
>> this is even relevant to my problem not really knowing how they work and
>> why they are needed :)
>
> Both POSIX.1e and NFSv4 ACLs are similar in that they both influence
> the mode, and get influenced by it.  In other words, when you change
> the ACL, the mode gets updated; when you change the mode, the ACL gets
> updated.  Also, for both POSIX.1e and NFSv4 ACLs, file mode continues
> to work as usual if you ignore the ACL part.
>
Thanks for this!

So, if I want to just ignore the NFSv4 ACLs on account of not needing
anything beyond the POSIX ACLs, I'm free to do so without consequence...
Correct?




> Good introduction might be the setfacl(1) manual page.
>
> --
> If you cut off my head, what would I say?  Me and my head, or me and my body?
>


-- 
Joe Auty, NetMusician
NetMusician helps musicians, bands and artists create beautiful,
professional, custom designed, career-essential websites that are easy
to maintain and to integrate with popular social networks.
www.netmusician.org <http://www.netmusician.org>
joe at netmusician.org <mailto:joe at netmusician.org>



More information about the freebsd-fs mailing list