Date: Mon, 6 Dec 2010 23:28:36 +0100 From: =?iso-8859-2?Q?Edward_Tomasz_Napiera=B3a?= <trasz@FreeBSD.org> To: Joe Auty <joe@netmusician.org> Cc: freebsd-fs@freebsd.org Subject: Re: Migrating from NFSv3 to v4 - NFSv4 ACL/permission confusion Message-ID: <F8F7A4F9-7E1F-4B32-98D3-F595063238D7@FreeBSD.org> In-Reply-To: <4CFD5D73.1050601@netmusician.org> References: <1124305635.1255931.1291670668724.JavaMail.root@erie.cs.uoguelph.ca> <4CFD5D73.1050601@netmusician.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Wiadomo=B6=E6 napisana przez Joe Auty w dniu 2010-12-06, o godz. 23:02: > Rick Macklem wrote: >>=20 >> I don't know anything about ZFS, but you could try getfacl/setfacl on = the >> client and see what happens? >>=20 >> Edward Napierala (trasz@freebsd.org) did commit a recent change = w.r.t. >> NFSv4 ACLs and I remember the discussion saying something like "after >> this change, chmod no longer does anything once ACLs are enabled, but = I >> have no idea if it is relevant. Erm, no. There is a change in the queue that will change chmod = behaviour wrt. ACLs, but 1. it's not committed yet, and 2. chmod will continue to work. >> Also, make sure "ls -l" is not reporting "nobody". If the user/group >> name mapping isn't working, most Setattr Ops will fail. >>=20 >> rick >>=20 >=20 >=20 > Thanks Rick, >=20 > I will look into this, but for the benefit of my own education, are > NFSv4 ACLs supposed to be intertwined or separate from standard Unix > permissions? I'm confused as to how the ACLs have changed from v3, or = if > this is even relevant to my problem not really knowing how they work = and > why they are needed :) Both POSIX.1e and NFSv4 ACLs are similar in that they both influence the mode, and get influenced by it. In other words, when you change the ACL, the mode gets updated; when you change the mode, the ACL gets updated. Also, for both POSIX.1e and NFSv4 ACLs, file mode continues to work as usual if you ignore the ACL part. Good introduction might be the setfacl(1) manual page. -- If you cut off my head, what would I say? Me and my head, or me and my = body?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F8F7A4F9-7E1F-4B32-98D3-F595063238D7>