Date: Wed, 6 Aug 2008 14:13:18 GMT From: Edward Tomasz Napierala <trasz@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 146774 for review Message-ID: <200808061413.m76EDIfR043441@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=146774 Change 146774 by trasz@trasz_traszkan on 2008/08/06 14:12:37 Ignore "append" permission - use "write_data" instead - on regular files to match SunOS (and ZFS) behaviour. Affected files ... .. //depot/projects/soc2008/trasz_nfs4acl/TODO#33 edit .. //depot/projects/soc2008/trasz_nfs4acl/sys/kern/subr_acl_nfs4.c#15 edit Differences ... ==== //depot/projects/soc2008/trasz_nfs4acl/TODO#33 (text+ko) ==== @@ -8,8 +8,6 @@ to ACL_READ_NAMED_ATTRS, so there is no need for translation between the two in kern/subr_acl_nfs4.c. -- Decide what to do with write vs append on regular files. - - Either add or extend existing manual pages for new API routines: acl_add_flag_np, acl_clear_flags_np, acl_create_entry_np, acl_delete_entry_np, acl_delete_flag_np, acl_get_extended_np, acl_get_flag_np, acl_get_flagset_np, ==== //depot/projects/soc2008/trasz_nfs4acl/sys/kern/subr_acl_nfs4.c#15 (text+ko) ==== @@ -81,17 +81,6 @@ access_mask |= mode2mask[i].mask; } - if (mode & VAPPEND) { - /* - * Translate from open(2) semantics to NFSv4 one. - * In order to open file for writing, one needs - * to specify both O_WRONLY and O_APPEND. With NFSv4, - * permission to write is not required to append, - * permission to append is sufficient. - */ - access_mask &= ~ACL_WRITE_DATA; - } - return (access_mask); } @@ -191,21 +180,17 @@ needed_bits &= ~(ACL_READ_ACL | ACL_WRITE_ACL | ACL_READ_ATTRIBUTES | ACL_WRITE_ATTRIBUTES); - denied = _acl_denies(aclp, needed_bits, cred, file_uid, file_gid, - &explicitly_denied); - /* - * If we want to append data to the file, either one of ACL_APPEND_DATA - * or ACL_WRITE_DATA is sufficient. We just tested for the former - * and we were denied access. Let's try with the latter. - */ - if (denied && (needed_bits & ACL_APPEND_DATA) && !is_directory) { + * Ignore append permission for regular files; use write + * permission instead. + */ + if (!is_directory && (needed_bits & ACL_APPEND_DATA)) { + needed_bits &= ~ACL_APPEND_DATA; needed_bits |= ACL_WRITE_DATA; - needed_bits &= ~ACL_APPEND_DATA; + } - denied = _acl_denies(aclp, needed_bits, cred, file_uid, - file_gid, &explicitly_denied); - } + denied = _acl_denies(aclp, needed_bits, cred, file_uid, file_gid, + &explicitly_denied); if (must_be_owner) { if (file_uid != cred->cr_uid)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200808061413.m76EDIfR043441>