ZFS deletes ACLs when root edits a file
Marc Peters
marc at mpeters.org
Tue Jun 12 13:54:28 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi list,
i observed a strange behaviour when using ACLs on a ZFS filesystem.
When a file has ACLs set and is edited by a user, the ACLs get lost
when the file is edited and saved.
How to repeat:
> mount
/dev/aacd0s1a on / (ufs, local)
devfs on /dev (devfs, local, multilabel)
/dev/aacd0s1d on /var (ufs, local, soft-updates)
appdata on /appdata (zfs, local, nfsv4acls)
/dev/md0 on /appdata/www/cache (ufs, local, soft-updates)
> ls -al
total 3
drwxr-xr-x 2 mpeters wheel 2 Jun 12 15:31 .
drwxr-xr-x 5 root wheel 5 Jun 12 15:29 ..
> touch test.file ls -al
total 4
drwxr-xr-x 2 mpeters wheel 3 Jun 12 15:32 .
drwxr-xr-x 5 root wheel 5 Jun 12 15:29 ..
- -rw-r--r-- 1 mpeters wheel 0 Jun 12 15:32 test.file
> getfacl test.file
# file: test.file
# owner: mpeters
# group: wheel
owner@:rw-p--aARWcCos:------:allow
group@:r-----a-R-c--s:------:allow
everyone@:r-----a-R-c--s:------:allow
> setfacl -m user:nobody:rwx::allow test.file ls -al
total 4
drwxr-xr-x 2 mpeters wheel 3 Jun 12 15:32 .
drwxr-xr-x 5 root wheel 5 Jun 12 15:29 ..
- -rw-r--r--+ 1 mpeters wheel 0 Jun 12 15:32 test.file
> getfacl test.file
# file: test.file
# owner: mpeters
# group: wheel
user:nobody:rwx-----------:------:allow
owner@:rw-p--aARWcCos:------:allow
group@:r-----a-R-c--s:------:allow
everyone@:r-----a-R-c--s:------:allow
> vim test.file
(do some editing here)
"test.file" 2 lines, 12 characters written
> ls -al
total 4
drwxr-xr-x 2 mpeters wheel 3 Jun 12 15:35 .
drwxr-xr-x 5 root wheel 5 Jun 12 15:29 ..
- -rw-r--r-- 1 mpeters wheel 12 Jun 12 15:35 test.file
> getfacl test.file
# file: test.file
# owner: mpeters
# group: wheel
owner@:rw-p--aARWcCos:------:allow
group@:r-----a-R-c--s:------:allow
everyone@:r-----a-R-c--s:------:allow
As you can see, the ACL for user nobody is gone.
Is this behaviour intended?
Regards,
marc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk/XSFgACgkQCnBgS+kUGEvTGwCfSmSE31TK4cHAcs3eXdiHLwDR
ofIAoJqO2A+LyIhA17YsNnWz2Z3lTogo
=UcvA
-----END PGP SIGNATURE-----
More information about the freebsd-fs
mailing list