NFSv4 ACL support in star
Robert N. M. Watson
rwatson at FreeBSD.org
Fri Nov 8 18:10:24 UTC 2013
On 8 Nov 2013, at 07:26, Pawel Jakub Dawidek <pjd at FreeBSD.org> wrote:
>>> But there are also filesystems (AIX, I think) that permit different
>>> types of ACLs on different files in the same file system.
>>>
>>> I would like to see a bit added to stat() indicating the presence of
>>> either POSIX.1e or NFSv4 ACLs so that clients can efficiently
>>> determine this on a per-file basis.
>>
>> SCO UnixWare uses the UFS ACL implementation from SVr4/Solaris but added a
>> st_aclcnt field in struct stat. Do you have free space in strct stat on BSD?
>
> We do have a spare field, but for FreeBSD 11 we have to move to 64bit
> inodes, so we won't avoid changing the stat structure. If we need it
> sooner then I believe the spare field is up for grabs.
We actually meant to sort out a bit for this when we first did POSIX.1e ACLs in FreeBSD ... 5? But somehow it never happened. There are actually some interesting features here beyond hinting to userspace that it wants to check for extended protection -- we might also want to use it to hint to the ACL implementation that it might not need to search for ACL meta-data in the extended attribute implementation as well. This, of course, further cements the need for proper atomicity properties with respect to soft updates/etc if it becomes an optimisation (i.e., you want to be sure that if an ACL is present, the bit is always set, even if a crash took place as the ACL was added, but don't mind so much if it's the other way around). A general "status bits" field in the new stat structure would make sense anyway -- I can imagine wanting to hint other aspects (e.g., the presence of user attributes) there as well.
Robert
More information about the posix1e
mailing list