Non-trivial ACLs only?

Sun Jul 13 15:15:39 UTC 2014

Is there an easy (one-pass) way to retrieve only non-trivial ACLs from a file system item?

In the course of the speed optimization of my file system cloning tool https://code.google.com/p/clone/ for FreeBSD and Mac OS X, I found out that on FreeBSD-UFS2 (ACL enabled) the function acl_get_link_np() returns also the standard access rights as ACL, and my tool did an unnecessarily extraordinary work in fetching this from the original and storing it to the cloned file system items. For millions of files, the extra spent time sums up to hours.

On Mac OS X, acl_get_link_np() returns real ACLs only, can I have this somehow for FreeBSD too?

For the time being I came up with the following quite involved solution:

// reading the ACLs
int trivial;

if ((xmd->acl[0] = acl_get_link_np(src, ACL_TYPE_ACCESS)) &&
    (acl_is_trivial_np(xmd->acl[0], &trivial) || trivial))
{
   acl_free(xmd->acl[0]);
   xmd->acl[0] = NULL;
}

if ((xmd->acl[1] = acl_get_link_np(src, ACL_TYPE_DEFAULT)) &&
    (acl_is_trivial_np(xmd->acl[1], &trivial) || trivial))
{
   acl_free(xmd->acl[1]);
   xmd->acl[1] = NULL;
}

if ((xmd->acl[2] = acl_get_link_np(src, ACL_TYPE_NFS4)) &&
    (acl_is_trivial_np(xmd->acl[2], &trivial) || trivial))
{
   acl_free(xmd->acl[2]);
   xmd->acl[2] = NULL;
}

This doesn't seem to work properly for directories, any ideas why?

Isn't there a better way?

Is it really necessary to assemble the standard access rights into an ACL, I did not expect this, Mac OS X doesn't do this, and in the present situation it spoils up everything.

Anyway, for the present purpose it would be great to have at least a function which simply informs whether a file system item got a non-trivial ACL or not, without actually needing to load that ACL into memory.

Many thanks

Rolf Jansen