acl_xattr storage format (Re: Moving forward towards releasing Samba 4.0)

Richard Sharpe realrichardsharpe at
Tue May 22 21:32:26 MDT 2012

On Tue, May 22, 2012 at 7:11 AM, Richard Sharpe
<realrichardsharpe at> wrote:
> On Mon, May 21, 2012 at 10:25 AM, Jeremy Allison <jra at> wrote:
> [Deletia]
>> Actually I've been thinking about this and the right way
>> to code it (IMHO) is not to have an acl_hash method, but
>> to have an acl_blob method, that returns a DATA_BLOB
>> containing the raw form of the underlying ACL.
>> That then allows the upper layer to change the hash
>> mechanism (md4, SHA1 etc.) without having to encode
>> knowledge of the specific hash algorithm in every
>> lower layer.
>> Essentially it's doing the same work that acl_hash
>> would have to do, just leaving the final hash to
>> the upper layer.
>> Does that make sense ?

[Replying to the list as well.]

This makes a lot of sense to me ... it greatly simplifies what any
replacement lower layer needs to do, it seems to me.

Of course, if anyone wants to replace acl_xattr with their own module
and they have legacy data, then they will have to deal with the hash
that acl_xattr used, but that is part of the task of re-implementing

Richard Sharpe

More information about the samba-technical mailing list