Add setacl system call?
Robert Watson
rwatson at FreeBSD.org
Mon Jul 25 07:08:57 UTC 2011
On Sun, 24 Jul 2011, exorcistkiller wrote:
> Hi, I'm working on a course project in which I need to add 3 system calls.
> One of which is setacl(char *name, int type, int idnum, int perms), which
> set acl for a file specified by name. I used newfs as in
> ftp://ftp.tw.freebsd.org/pub/FreeBSD/FreeBSD-current/src/sbin/newfs/ to make
> this new filesystem, named myfs (which really is UFS2) and mounted it.
>
> My question is:
> 1) where to start with?
> 2) Is this filesystem actually a userland UFS and I can use functions in
> libufs(3)?
> 3) What about functions in ufs_acl.c? Should the acls be stored on the
> extended attributes blocks? Does FreeBSD 8.2 support it?
>
> I know I'm asking stupid questions, but a small hint might help me a lot.
> Thank you so much..
Hi... er.. exorcistkiller... (*)
This being FreeBSD, you may want to start with the existing programmer
documentation, which should prove quite useful given your goals. Try acl(3)
for userspace, and acl(9) for the kernel.
You are doing this in the context of a course, so the constraints may be
somewhat artificial. However, normally my advice to someone wanting to add a
new ACL implementation to FreeBSD would be to start with our existing
implementation, which supports both POSIX.1e and NFSv4 ACLs (and is extensible
to new ACL types without changing the current APIs (much)). For example, if I
were going to teach our native system call API about AFS ACLs, I'd start by
perusing the above man pages and code, including:
src/bin/*acl* # Commands for manipulating ACLs
src/lib/libc/posix1e # Library routines
src/sys/kern/*acl* # File system-independent code
src/sys/sys/acl.h # File system-independent header
As you've already found, ufs_acl.c contains the implementation for UFS; ZFS,
NFS, etc, have similar-looking files with markedly different contents. In
general, if something looks file system-independent, we try to put it in the
centralised files in kern, rather than replicate the code across file systems.
Roughly half the code in the kern directory has to do with calls *into* the
file system, and the other half is a library of routines called *by* the file
system.
Robert
More information about the freebsd-hackers
mailing list