star-1.4a07pre5 available

Andreas Gruenbacher ag at bestbits.at
Wed Nov 28 16:37:55 GMT 2001 

On Tue, 27 Nov 2001, Chris Faulhaber wrote:

> On Thu, Nov 08, 2001 at 03:12:59PM +0100, Andreas Gruenbacher wrote:
> > On Thu, 8 Nov 2001, Robert Watson wrote:
> > 
> > (2) setfacl seems to have trouble with default ACLs:
> > 
> > Things like `setfacl -m u:joe:rwx dir/' work as expected. However, the
> > equivalent command for default ACLs, `setfacl -dm u:joe:rwx dir/', fails.
> > 
> > Setting default ACLs works if you specify a complete, valid ACL. It seems
> > setfacl is doing an acl_valid() call too many, or something like that.
> > 
> 
> Where are you getting the complete default ACL from?  access ACLs
> can be obtained from a file/dir by using normal unix permissions but
> default ACLs have no such option.

You are right, the current draft standard says nothing about constructing
a complete default ACL in such cases. The resulting setfacl behavior when
not doing this is quite surprising, though.

I have in fact implemented this differently in my ACL utilities. If an
ACL_USER_OBJ/ACL_GROUP_OBJ/ACL_OTHER entry is missing in the default ACL,
the corresponding entry from the access ACL is used. I find the resulting
interface much less weird, but it is nonetheless a non-standard extension.

> 
> > 
> > (3) getfacl returns a crappy comment header.
> > 
> > Instead of what 1003.1e DS17 says,
> > 
> >   # file: dir/
> >   # owner: gruenbacher
> >   # group: disk
> >   . . .

My fault, and sorry for complaining. In fact you are right about the
specification:

> > getfacl returns:
> > 
> >   #file:f3
> >   #owner:20002
> >   #group:0
> > 
> 
> According to 1003.2c:
> 
> 8.1.6.1 Standard Output
> ...
> The header shall be written in the following format:
> "#file:%s\n#owner:%d\n#group:%d\n",<filename>,<uid>,<gid>
> 

I really see no valid reason why the UID/GID should be given in numeric
form in the comments as requested in the specification, however. What
would be the point in showing the numeric ID's in the header, put showing
the names in the ACL printed out?

Still, with respect to the specification, the FreeBSD utilities are
correct, and mine are not. Sorry for not re-reading the specification
carefully before. I was merely pointing out the things that occurred
strange to me, being exposed to the FreeBSD ACL utilities the first time.


Regards,
Andreas.

------------------------------------------------------------------------
 Andreas Gruenbacher, a.gruenbacher at computer.org
 Contact information: http://www.bestbits.at/~ag/

To Unsubscribe: send mail to majordomo at cyrus.watson.org
with "unsubscribe posix1e" in the body of the message

More information about the posix1e mailing list