[Acl-Devel] What would be the 'proper' function to determine that a fs can support posix acls?
Robert Watson
rwatson at FreeBSD.org
Wed Apr 25 15:16:53 GMT 2001
On Mon, 23 Apr 2001, Andreas Gruenbacher wrote:
> > At first blush, (and in current Samba implementations -2.2.0) acl_init would
> > seem like the place. Unfortunately, acl_init(int count) takes only the
> > parameter count to determine if the working space acl can be created. I don't
> > see that this has any place to check the file system.
> >
> > I can see that something like acl_get_fd or acl_get_file might be a better
> > place to accomplish such a test.
>
> acl_get_{fd,file}() return a three-element ACL on filesystems that don't
> have extended ACLs.
Hmm. I used to do that in the FreeBSD implementation, but after a
discussion with Casey on the posix1e mailing list, I concluded it was
better to do the magical permission->ACL conversion in getfacl. This is
derived from the following text in 23.4.16.2:
If the argument type specifies a type of ACL that cannot be associated
with path_p, then the function shall fail.
I wasn't sure I entirely agreed, but it seemed to me that Casey's argument
held water. :-) We now return EOPNOTSUPP from acl_get_*() if ACLs are
not permitted on the object in question. We also don't have the
pathconf() feature working yet, as right now ACLs are implicitly enabled
on file systems where the appropriate EAs are available. I have some
patches to make that policy driven using a file system superblock flag,
but haven't tested/committed yet.
Robert N M Watson FreeBSD Core Team, TrustedBSD Project
robert at fledge.watson.org NAI Labs, Safeport Network Services
To Unsubscribe: send mail to majordomo at cyrus.watson.org
with "unsubscribe posix1e" in the body of the message
More information about the posix1e
mailing list