[linux-cifs-client] w2k server "unix extensions"?

conrad at mac.com conrad at mac.com
Fri Oct 22 23:24:12 GMT 2004


At 10:12 AM -0500 10/22/04, Steven French wrote:

>1) mapping of symlinks on files to a client only symlink format (Conrad's
>Apple client calls them xsymlinks and a definition for them is in the Linux
>cifs client header fs/cifs/cifspdu.h, but not implemented in
>Linux's cifs_symlink function yet).

>Reparse points will likely work for directory
>symlinks although investigation is needed whether relative paths are
>supported (all junction reparse points that I have seen have Windows
>local server absolute paths with drive_letter:\path)

Just in case I'd been unclear...  those "xsymlinks" are created w/o 
regard to destination existence, type, etc.  In particular a symlink 
to a file is no different than a symlink to a directory.

>2) mapping of the Windows file owner (in the SID) to its equivalent of
>local Unix UID so the correct owner shows up on the POSIX client side.

Performance *sigh*  A UID & GID are wanted to satisfy "stat" calls, 
but that means "stat" needs to do a wire-open (to get the SIDs via 
NT_TRANSACT_QUERY_SECURITY_DESC.)

>3) mapping of file permissions - either from the Windows ACL to an
>approximate mode that it would represent or simply storing them in an extended
>attribute or alternate data stream.

IMO clients shouldn't second guess server ACL enforcement algorithms. 
A server might be presenting "Windows ACLs" based upon actual Windows 
ACLs in the server's local filesystem, or the "Windows ACLs" might be 
artificial - based upon Posix "mode", Posix ACLs, or even something 
else.  There's a downside, but I suggest client filesystems return a 
permissive/optimistic mode (0777 for instance) ... the intention is 
to keep application level code from preventing operations which the 
server might in fact permit.

>jra and I and a few others have done some initial work exploring what
>would be
>needed for a version 2 of the CIFS Unix Extensions, perhaps called "CIFS
>POSIX Extensions" (a better name would be welcome) whose highlights would
>include a slightly improved form of CreateX  and an alternative for POSIX
>byte range locking and support for "POSIX ACLs" on the wire (among other
>features).

A *nix system might choose to implement Windows ACLs locally and OTW, 
and provide no support for "POSIX ACLs".


More information about the samba-technical mailing list