Samba4 Posix NTVFS questions

Gémes Géza geza at kzsdabas.sulinet.hu
Sun Nov 7 13:04:50 GMT 2004


>There will be multiple solutions available. Right now the posix NTVFS
>is still under development, and doesn't do NT ACLs at all. I expect to
>do an initial NT ACL solution soon (next couple of weeks probably).
>
>The initial solution is likely to be storing NT ACLs in xattr blobs,
>probably in the "trusted.*" xattr namespace. These will be interpretd
>in user space by smbd. The blobs themselves will be NDR encoded. Take
>a look at xattr.idl in the current Samba4 source tree for what I have
>done with dos attributes and DOS EAs to see what I mean, the NT ACL
>solution will be very similar.
>
>The next level of solution will be to have a Linux LSM module that
>interprets these xattr blobs in the kernel, and to have calls that
>smbd can make to ask the LSM module to setup a NTTOKEN security
>context. 
>
>Finally, we may implement a mapping between posix ACLs and NT ACLs,
>possibly in parallel with the above schemes. The idea is that the if
>the last ACL modification made is to the posix ACL then the posix ACL
>would be considered the master, and the NT ACL would be derived from
>that. If the last ACL modification was to the NT ACL then the reverse
>would be true.
>
>  
>
IMHO in long term the only viable solution would be the reformulation of 
the Posix ACL standard (1003.1e/1003.2c Draft Standard 17), in order to 
extend it to "natively" support the union of CIFS and NFSv4 ACLs (The 
current Linux NFSv4 server implementation lacks many of the NFSv4 ACLs 
advantages 
(http://www.citi.umich.edu/projects/nfsv4/rfc/draft-ietf-nfsv4-acl-mapping-02.txt)).
In this process the first step would be to implement the non-Posix 
attributes as EAs, using a common namespace, then unify their treatment 
with the (EA implemented) Posix ACLs.

>The priority for me right now is to build all the infrastructure so
>that these different schemes can be implemented. The precise details
>of the initial scheme isn't all that important, what is important is
>that it is flexible enough to do an extremely close emulation of NT
>ACLs, and that we develop test suites that confirm the correct
>behaviour. Once one scheme is developed then plugging in a different
>scheme will not be difficult.
>
>Cheers, Tridge
>
>  
>
Best Regards,

Geza


More information about the samba-technical mailing list