Change in application of default ACLs in UFS

Robert Watson rwatson at FreeBSD.org
Sun Aug 3 20:55:39 PDT 2003 

Just an FYI to users of ACLs on UFS -- I've modified the semantics of the
application of the default ACL in combination with the umask.  The result
is that the application of default ACLs is now more conservative than
previously, so you may want to keep an eye out and make sure all the ACLs
still mean what you thought they meant.

I'm still exploring what the best default ACL semantics to use are --
we're now implementing POSIX.1e "as spec" (bitwise and).  It's worth
observing this is not quite the same semantics as Solaris and Linux, in
which the the ACL mask overrides the umask.  I have an ACL development
branch in Perforce where I'm experimenting with these semantics, and will
probably merge support for that prior to 5.3, probably as an option. 

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert at fledge.watson.org      Network Associates Laboratories

---------- Forwarded message ----------
Date: Sun, 3 Aug 2003 20:29:13 -0700 (PDT)
From: Robert Watson <rwatson at FreeBSD.org>
To: src-committers at FreeBSD.org, cvs-src at FreeBSD.org, cvs-all at FreeBSD.org
Subject: cvs commit: src/sys/ufs/ufs acl.h ufs_acl.c ufs_vnops.c

rwatson     2003/08/03 20:29:13 PDT

  FreeBSD src repository

  Modified files:
    sys/ufs/ufs          acl.h ufs_acl.c ufs_vnops.c 
  Log:
  Now that the central POSIX.1e ACL code implements functions to
  generate the inode mode from a default ACL and creation mask,
  implement ufs_sync_inode_from_acl() using acl_posix1e_newfilemode().
  
  Since ACL_OVERRIDE_MASK/ACL_PRESERVE_MASK are defined, we no
  longer need to explicitly pass in a "preserve_mask" field: this
  is implicit in the use of POSIX.1e semantics.
  
  Note: this change contains a semantic bugfix for new file creation:
  we now intersect the ACL-generated mode and the cmode requested by
  the user process.  This means permissions on newly created file
  objects will now be more conservative.  In the future, we may want
  to provide alternative semantics (similar to Solaris and Linux) in
  which the ACL mask overrides the umask, permitting ACLs to broaden
  the rights beyond the requested umask.
  
  PR:             50148
  Reported by:    Ritz, Bruno <bruno_ritz at gmx.ch>
  Obtained from:  TrustedBSD Project
  
  Revision  Changes    Path
  1.5       +1 -2      src/sys/ufs/ufs/acl.h
  1.18      +8 -78     src/sys/ufs/ufs/ufs_acl.c
  1.232     +4 -8      src/sys/ufs/ufs/ufs_vnops.c

More information about the freebsd-current mailing list