Samba ACL's and FreeBSD

Chris Faulhaber jedgar at
Mon Apr 9 23:34:28 GMT 2001

We are currently completing the initial ACL implementation in
FreeBSD and looking forward to testing Samba.

Currently all that is keeping us from compiling samba is
the acl_get_perm() function.  Since this function is not
part of the POSIX standard, it seems odd to expect it.

Implementing this function is trivial; however, since it is
not a part of the standard, and therefore should not be
expected to exist, we would prefer it not be named in the
ACL implementation namespace.  Currently we are naming
non-standard functions with _np (non-portable).  And since
OpenBSD is looking to use our implementation, along with a
Darwin port that will be underway shortly, we are looking
for the most portable way to implement this.

Since an acl_get_entry() function already exists in
lib/sysacls.c, it should not be too difficult to check
for the function in the configure script and use the
internal function as appropriate.  Unfortunately, I
do not know how this may affect other ACL implementations.
The other alternatives we are looking at are:

1) everyone use _np extension (not exactly realistic to
   have everyone change their implementation).
2) check for the existance of acl_get_perm_np() in the
   configure script and use that as appropriate.
3) #ifdef __FreeBSD__ (and any other OS's that may use our
   implementation) and use acl_get_perm_np().  this can
   quickly get messy :)

In the interest of compatibility and keeping things simple,
what would be the preferred method (from the Samba-
developers' point-of-view) for implementation?

It has also been noted that acl_get_perm() depends on
acl_perm_t being a bitmask-based implementation, which is
not stated in the spec.  It will work for us (and
apparently everyone else), but could cause problems if
someone else does not make this assumption.

Since this will be the first actual application to use our
ACL implementation (other than the POSIX.2c utilities), we
are quite anxious to make this work :)

Chris D. Faulhaber - jedgar at - jedgar at
FreeBSD: The Power To Serve   -
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url :

More information about the samba-technical mailing list