ACLs on Digital UNIX

[Michael Davidson]

TAKAHASHI Motonobu wrote:
> 
> As far as I examine, it does not work yet.
> 
> At first I enable ACL feature and type
> 
> %setacl -u group:sysadmin:rwx foo.txt
> %getacl foo.txt
> # file: foo.txt
> # owner: monyo
> # group: users
> #
> user::rwx
> group::r--
> group:sysadmin:rwx
> other::r--
> 
> The sysadmin's ACE is read from Windows 2000.

OK, good - that means that quite a lot of the code is working. 

> But I cannot add/modify/delete any ACE from Windows 2000.
> Pressing OK, then Windows says "Access denied".

Not so good ...

According to the logs the point of failure is:

> [2001/07/28 16:35:22, 0] smbd/posix_acls.c:(1643)
>   set_canon_ace_list: Failed to create permset for mode (448) on entry
> 0. (Invalid argument)
and
> 
> [2001/07/28 16:39:01, 0] smbd/posix_acls.c:(1643)
>   set_canon_ace_list: Failed to create permset for mode (320) on entry
> 0. (Invalid argument)
> 

At first sight the modes look slightly strange, but that's because
they are printed in decimal rather than octal - so 448 -> 0700 and
320 -> 0600, both of which are reasonable.

The function which is failing is map_acl_perms_to_permset(), and it
in turn must be failing because either sys_acl_clear_perms() or
sys_acl_add_perm() is failing ... which is somewhat bizarre since
both of these are trivial mappings onto the underlying acl_*
functions.

Sorry for the somewhat lengthy explanation, but since I don't
seem to be able to telnet into the Compaq test-drive systems
right now there isn't much I can do to figure this out and I'm
hoping that someone else with access to a system may be able 
to help.