Patchset to add asynchronous open/close to master
Stefan (metze) Metzmacher
metze at samba.org
Wed Jun 20 13:30:03 MDT 2012
>> Sorry I do not understand how this works properly.
>> A) what assures you have the right to actually create the file in the
>> directory if you are not setting the whole credentials (uid,gid and all
>> secondary gids) as the process credentials for the open ?
> We already check this in the CreateFile() path.
> We won't even try and create the file unless we've
> checked that we have the rights to do so. If
> we have no create rights we've already returned
>> B) Why do you have a comment that Posix ACL inheritance doesn't apply ?
>> Is it because we assume that all additional ACLs are properly set and we
>> need to care exclusively about setting the right user/group owner ?
> Yes. That's how POSIX ACL inheritance works.
>> I just need to understand how do you know the open will always
>> succeed/fail properly given the parent directory ACL and the user's
>> group memberships, if the open my happen in a different user context,
>> what am I missing ?
> As I mention above, we've already checked. Yes,
> there's a race condition in that someone could
> be simultaneously modifying the directory ACL
> at the same time, but the CreateFile path is
> inherently racy for many conditions. The only
> way to prevent such races is to have a kernel
> CreateFile call.
What are we doing if we get EPERM, because we changed to "nobody" for a
session? Do we retry?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 262 bytes
Desc: OpenPGP digital signature
More information about the samba-technical