Samba4 Posix NTVFS questions
geza at kzsdabas.sulinet.hu
Sun Nov 7 13:04:50 GMT 2004
>There will be multiple solutions available. Right now the posix NTVFS
>is still under development, and doesn't do NT ACLs at all. I expect to
>do an initial NT ACL solution soon (next couple of weeks probably).
>The initial solution is likely to be storing NT ACLs in xattr blobs,
>probably in the "trusted.*" xattr namespace. These will be interpretd
>in user space by smbd. The blobs themselves will be NDR encoded. Take
>a look at xattr.idl in the current Samba4 source tree for what I have
>done with dos attributes and DOS EAs to see what I mean, the NT ACL
>solution will be very similar.
>The next level of solution will be to have a Linux LSM module that
>interprets these xattr blobs in the kernel, and to have calls that
>smbd can make to ask the LSM module to setup a NTTOKEN security
>Finally, we may implement a mapping between posix ACLs and NT ACLs,
>possibly in parallel with the above schemes. The idea is that the if
>the last ACL modification made is to the posix ACL then the posix ACL
>would be considered the master, and the NT ACL would be derived from
>that. If the last ACL modification was to the NT ACL then the reverse
>would be true.
IMHO in long term the only viable solution would be the reformulation of
the Posix ACL standard (1003.1e/1003.2c Draft Standard 17), in order to
extend it to "natively" support the union of CIFS and NFSv4 ACLs (The
current Linux NFSv4 server implementation lacks many of the NFSv4 ACLs
In this process the first step would be to implement the non-Posix
attributes as EAs, using a common namespace, then unify their treatment
with the (EA implemented) Posix ACLs.
>The priority for me right now is to build all the infrastructure so
>that these different schemes can be implemented. The precise details
>of the initial scheme isn't all that important, what is important is
>that it is flexible enough to do an extremely close emulation of NT
>ACLs, and that we develop test suites that confirm the correct
>behaviour. Once one scheme is developed then plugging in a different
>scheme will not be difficult.
More information about the samba-technical