Generic ACL interface (RFC #2)

Cole, Timothy D. timothy_d_cole at md.northgrum.com
Mon Aug 2 16:19:14 GMT 1999


This is just a quick dump of my current brain state on the matter.

Apologies to those using proportional fonts (at least I fit it to 78
lines)...

+---------------+                                                +-----------+
|               |  1.                                            |           |
|               |<-----------------------?-----------------------| nttrans.c |
|               |                                                |    or     |
|               |       +----------------+  2.                   |  similar  |
|               |       |                |<---------X------------|           |
|               |       |                |                       |           |
|  OS-specific  |  - - -| chmod()/stat() |  3.+-------------+    |           |
|  interfaces   |       |                |<---|             | 5. |           |
|               |       |                |    |             |<---|           |
|               |       +----------------+    |    Samba    |    +-----------+
|               |                             | Generic ACL |
|               |  4.                         |  Interface  |
|               |<----------------------------|             |
|               |                             |             |
+---------------+                             +-------------+

 #5 - in general, the nttrans stuff would use the GAI.

 #4 - normally the GAI is just an abstraction for the native OS ACL junk

 #3 - in cases where the native OS-specific stuff does not apply (NFS
filesystem <= v3) or there is no native ACL facility, the GAI would fall back
on POSIX chmod()/stat().

 #2 - the nttrans stuff currently goes directly to POSIX chmod()/stat() --
I'd like to see this path go away entirely if the new code lands since
otherwise it makes it harder to keep consistent semantics with #3.

 #1 - Luke's direct-to-fs Linux NTFS support thing.  It doesn't actually
make sense for the GAI to abstract NTFS ACLs; as a result, I'm dropping the
DOM_SID fields from my proposed ACL representation.

Additional stuff:

 - instead of marking 'client-unsupported' ACEs and using that to "merge" a
modified (and thus client-mangled) ACL in the GAI setacl() call, I realized
that the "client" portion (nttrans stuff) would know more about what the
client "means".  So the nttrans implementation will have to call getacl()
and "merge" the old ACL with the modified one itself.  Plus the hackery
surrounding the ACE_IS_UNSUPPORTED flag just felt "wrong" to me anyway.

 - I'll probably try an initial implementation with support for HP-UX and
Solaris ACLs sometime later this week, provided I have time.
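
The chmod()/stat() fallback from #3, sketched as an added example that is not part of the original post or of Samba's code. The gai_* names and the ACL layout are assumptions made for illustration, since the post does not define a representation.

```c
#include <sys/stat.h>
#include <sys/types.h>

/* Hypothetical generic ACL types; the post does not define a layout. */
enum gai_tag { GAI_USER_OBJ, GAI_GROUP_OBJ, GAI_OTHER, GAI_USER, GAI_GROUP };
struct gai_ace { enum gai_tag tag; unsigned id; unsigned perms; /* rwx = 4|2|1 */ };
struct gai_acl { int count; struct gai_ace ace[8]; };

/* getacl() fallback: synthesize the three base entries from stat() data. */
void gai_from_mode(mode_t mode, uid_t uid, gid_t gid, struct gai_acl *acl)
{
    acl->count = 3;
    acl->ace[0] = (struct gai_ace){ GAI_USER_OBJ,  (unsigned)uid, (mode >> 6) & 7 };
    acl->ace[1] = (struct gai_ace){ GAI_GROUP_OBJ, (unsigned)gid, (mode >> 3) & 7 };
    acl->ace[2] = (struct gai_ace){ GAI_OTHER,     0,             mode & 7 };
}

/* setacl() fallback: 0 and *out set if the ACL fits in mode bits, else -1.
 * Named user/group entries are refused instead of silently dropped, since
 * dropping them would change who can access the file. */
int gai_to_mode(const struct gai_acl *acl, mode_t old, mode_t *out)
{
    static const int shift[] = { 6, 3, 0 };   /* indexed by base tag */
    unsigned seen = 0;
    mode_t m = old & 07000;                   /* keep setuid/setgid/sticky */
    if (acl->count < 0 || acl->count > 8)
        return -1;
    for (int i = 0; i < acl->count; i++) {
        const struct gai_ace *a = &acl->ace[i];
        if (a->tag > GAI_OTHER || a->perms > 7 || (seen & (1u << a->tag)))
            return -1;
        seen |= 1u << a->tag;
        m |= (mode_t)(a->perms << shift[a->tag]);
    }
    if (seen != 7)                            /* all three base entries needed */
        return -1;
    *out = m;
    return 0;
}

int gai_fallback_getacl(const char *path, struct gai_acl *acl)
{
    struct stat st;
    if (stat(path, &st) != 0) return -1;
    gai_from_mode(st.st_mode, st.st_uid, st.st_gid, acl);
    return 0;
}

int gai_fallback_setacl(const char *path, const struct gai_acl *acl)
{
    struct stat st;
    mode_t m;
    if (stat(path, &st) != 0 || gai_to_mode(acl, st.st_mode, &m) != 0) return -1;
    return chmod(path, m);
}
```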
