Some of ZFS ACLs doesn't work as expected

[Павел]

20.08.2012 14:53, Edward Tomasz Napierała пишет:
> Wiadomość napisana przez Pavel Bychykhin w dniu 19 sie 2012, o godz. 19:56:
>> 19.08.2012 19:40, Edward Tomasz Napierała пишет:
>>> Wiadomość napisana przez Pavel Bychykhin w dniu 18 sie 2012, o godz. 19:48:
>>>> Dear community!
>>>>
>>>> After my experiments with ZFS, I concluded, that permissions "delete_child" and "delete" are ignored.
>>>> For the create/update/delete operation a list of "rwxp" (read_data/write_data/execute/append_data) is fully sufficient.
>>> They are not ignored, but yes, write access on a directory is enough to delete a file.
>>>
>>>> No need to specify the "delete_child" and "delete" permissions at all, or I don't understand something?
>>> Unless you need them - no, you don't.  That's why these bits are not set in a default
>>> case (so called 'trivial ACL', i.e. no ACL set on a file).
>>>
>> Could you please provide an example of at least one practical situation, where the "delete_child" and "delete" permissions would be useful?
> You could allow for file creation, but deny file removal.  Still, as someone
> already mentioned, main reason for these to exist is compatibility with Windows
> and NFSv4 spec.  It's just that they are not _completely_ ignored, like SYNCHRONIZE
> or READ_XATTR/WRITE_XATTR are.
>
Now I understand. This is only for "deny" rules.
Thanks a lot.