PERFORCE change 144705 for review

Sat Jul 5 11:52:52 UTC 2008

http://perforce.freebsd.org/chv.cgi?CH=144705

Change 144705 by trasz at trasz_traszkan on 2008/07/05 11:52:39

	Update TODO.

Affected files ...

.. //depot/projects/soc2008/trasz_nfs4acl/TODO#2 edit

Differences ...

==== //depot/projects/soc2008/trasz_nfs4acl/TODO#2 (text+ko) ====

@@ -1,62 +1,28 @@
 Things to do, in no particular order:
 
-Compatibility
-=============
+- Add the ability to remove ACE by number to setfacl(1),
 
-- Create 'struct acl_old' and related types as a copy of 'struct acl'
-  and related types.  Replace all occurences of 'struct acl' with 'struct
-  acl_old'.
+- Add the ability to add ACE at a given position in ACL to setfacl(1),
 
-- Extend 'struct acl' and related types as needed for NFSv4 ACLs.
+- Change acl_{get,set}_flags_np into Darwin-compatible calls:
 
-- Write code to translate between 'struct acl' and 'struct acl_old'.
+  int      acl_add_flag_np(acl_flagset_t flagset_d, acl_flag_t flag);
+  int      acl_clear_flags_np(acl_flagset_t flagset_d);
+  int      acl_delete_flag_np(acl_flagset_t flagset_d, acl_flag_t flag);
+  int      acl_get_flag_np(acl_flagset_t flagset_d, acl_flag_t flag);
+  int      acl_get_flagset_np(void *obj_p, acl_flagset_t *flagset_p);
+  int      acl_set_flagset_np(void *obj_p, acl_flagset_t flagset_d);
 
-- Add acl_whatever_flag_np routines to the libc.
+- Find out what to do with chmod(1).  Right now, "chmod 600" on file
+  which already has mode 0600 does not call chmod(2) at all - and it
+  should, as it might cause ACL recomputation.
 
-- Move ACL-related VOPs from using 'acl_old' to 'acl' for both interfacing
-  with the upper layers and on-disk storage.
+- Make access control more granular.
 
-- Add new set of ACL syscalls.  Break out common code into separate routines
-  and implement syscalls for both new and old API as wrappers around
-  that - for example, for new API, the syscall will copyin and call the common
-  routine; for old API the syscall will copyin, translate and call the common
-  routine.
+- Attach ZFS to the framework.
 
-- Find out how symbol versioning works.  Use it to create backward compatible
-  API - wrap old API around new one, using translation routines described above.
+- Write code to do the same operations on UFS and ZFS and compare results.
 
-Actual implementation
-=====================
-
-- Find out how interaction between "legacy" UNIX permissions (rwxrwxrwx)
-  and NFSv4 ACLs works in SunOS.
-
-- Find out how interaction between "legacy" UNIX permissions (rwxrwxrwx)
-  and NFSv4 ACLs works in Darwin.
-
-- Decide on the command line tools user interface.
-
-- Implement parser for the new ACL type.
-
-- Implement printer for the new ACL type.
-
-- Add mount flag (nfs4acls?), mutually exclusive with 'acls', to turn on new ACLs.  
-
-- Add some mock-up code to kern/subr_acl_nfs4.c.
-
-- Extend stuff from ufs/ufs/ufs_acl.c to call that code for NFSv4 ACLs.  At this point
-  I should be able to test if storing and retrieving works as it should, for both new
-  (struct acl) and old (struct acl_old) on-disk layout.
-
-- Replace the mock-up with actual implementation.  ;-)
-  (XXX: This deserves for a longer description.)
-
-Testing
-=======
-
-- Find out if there is any existing tool to test this.
-
-- Find out what functionality is needed for regression tests.
-
-- Implement.
+- Write library that implements SunOS acl(2)/facl(2) as wrappers around
+  __acl_whatever syscalls.  Use it in Samba.
 
