ACL problem with NFSv4 and DELETE_ACCESS
ndorfsman at gmail.com
Tue Jun 17 18:45:52 GMT 2008
Well, I tried to work on this :
not really easy when you never worked on Samba sources.
When I chat with obnox, we talked about the issue around calls to
posix_acl.c instead of using vfs implementation.
Your patch may fix some cases, but is it really sufficient ? Take a
look to the list I wrote in my bug report.
Le 17 juin 08 à 16:41, Volker Lendecke a écrit :
> Attached find two patches that attempt to fix a bug we have
> when "real" ACLs and not just posix mode bits are used. With
> "real" I right now mean NFSv4, but others like for example
> the AFS ACL module are also affected.
> The problem is in can_delete_file_in_directory(). It right
> now looks at the posix mode only if the owner of a directory
> wants to delete a file within it. This is wrong in all the
> more enhanced ACL schemes. It might be obvious, but it took
> a while for me to understand how this should really work: We
> are allowed to delete a file when either we have a direct
> DELETE right on the object or if that is not there we have a
> DELETE_CHILD right on the containing directory. The first
> attached patch implements this.
> The second patch is necessary because the default rwxr-xr-x
> right on a normal file would map to the owner's DELETE bit
> on a file that is about to be deleted. This is wrong, in the
> non-acl case the right to delete a file is not determined by
> the permissions on the file itself. The changed checks in
> can_delete_file_in_directory take care of it by separately
> looking at the directory permissions.
> The downside of this patch is that we don't use the fast
> path anymore in the non-acl case. I will measure next now
> much we actually lose. And, I'm not sure if all mappings in
> posix_acls.c are correct enough to actually make sure that
> we get the checks right if we push it through
> I'm not checking these patches in right away, because I need
> to do more tests, but I'd like to hear some feedback
> nevertheless, in particular from people who have worked with
> Posix and NFSv4 ACLs in production.
More information about the samba-technical