POSIX.1e ACLs and symbolic links

Robert Watson rwatson at FreeBSD.org
Tue Dec 24 16:12:22 GMT 2002 

In the TrustedBSD implementation of ACLs, we assume that acl_get_file(),
acl_set_file(), et al, follow symbolic links when the target pathname
points at a symlink.  This is consistent with the behavior of chown(),
chmod(), and other POSIX protection related calls that act on paths.
However, many systems now also support lchown() and lchmod() to manipulate
ownership and mode on symlinks themselves: they operate normally on files,
but if they are performed on a symlink, they act on the symlink inode (if
appropriate).  We have a prototype implementation of the following
variations on the POSIX.1e calls that have the same semantics:

int     acl_delete_link_np(const char *_path_p, acl_type_t _type);
int     acl_delete_def_link_np(const char *_path_p);
acl_t   acl_get_link_np(const char *_path_p, acl_type_t _type);
int     acl_set_link_np(const char *_path_p, acl_type_t _type, acl_t _acl);
int     acl_valid_link_np(const char *_path_p, acl_type_t _type, acl_t _acl);

(As with our other non-portable calls, _np is appended.)

Likewise, we've added "-h" arguments to getfacl and setfacl to indicate
that symbolic links should not be followed.

To help support these, we've added similar calls to manipulate extended
attributes based on the existing POSIX.1e-derived APIs:

int     extattr_delete_link(const char *_path, int _attrnamespace,
            const char *_attrname);
ssize_t extattr_get_link(const char *_path, int _attrnamespace,
            const char *_attrname, void *_data, size_t _nbytes);
int     extattr_set_link(const char *_path, int _attrnamespace,
            const char *_attrname, const void *_data, size_t _nbytes);

Given OpenBSD's adoption of the ACL and extended attribute implementations
from FreeBSD, I imagine they may pick up these also.  Likewise, we'll
update our ports of extended attributes and ACLs to Darwin and Mac OS X to
support these interfaces also. 

Have any other platforms addressed this issue?  We're currently testing
these changes, and plan to commit them to the FreeBSD tree for inclusion
in FreeBSD 5.1 sometime during Q2 of next year.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert at fledge.watson.org      Network Associates Laboratories

To Unsubscribe: send mail to majordomo at cyrus.watson.org
with "unsubscribe posix1e" in the body of the message

More information about the posix1e mailing list