PROPOSAL: extend UNIX_INFO2 to mark existence of ACLs
James Peach
jpeach at apple.com
Tue Jan 22 21:32:26 GMT 2008
On Jan 22, 2008, at 1:23 PM, Steve French wrote:
> James Peach wrote:
>
>> Hi all,
>>
>> Unix SMB client could often avoid a few round-trips to the server
>> if they could tell whether a file had an ACL at the point where
>> they query its metadata (presumably using the UNIX_INFO2 info
>> level).
>>
>> Since the permissions field is 64bits, how about stealing the high
>> bit of this field to indicate whether the file might have an ACL?
>>
>> We'd probably need a mechanism for clients to figure out whether
>> the bit was meaningful or not ....
>>
>>
> Do you mean POSIX ACL or NT ACL?
> For the case of an NT ACL, how would you distinguish between the
> case in which the file has an emulated ACL and a "real" ACL? If you
> query the NT ACL eg. with smbcacls, Samba will report one, even on
> files which do not have an ACL.
>
You might be able to tell that I haven't thought this through very
thoroughly yet :)
But I think that I agree with Simo that the server should only set the
bit for a "real" ACL, ie. it should not set the bit for files whose
only ACL is fabricated from the POSIX permissions bits.
More information about the samba-technical
mailing list