Current approaches to ACL handling

Volker Lendecke Volker.Lendecke at SerNet.DE
Mon Oct 1 13:05:18 MDT 2012

On Mon, Oct 01, 2012 at 01:57:20PM -0500, Christopher R. Hertel wrote:
> On 10/01/2012 01:52 PM, Jeremy Allison wrote:
> >On Mon, Oct 01, 2012 at 02:42:51PM -0400, simo wrote:
> >>On Mon, 2012-10-01 at 13:28 -0500, Christopher R. Hertel wrote:
> >>>What are the current best practices for ACL handling?
> >>>
> >>>To my knowledge, it's using EAs to store the ACLs.  Is there any in-depth
> >>>documentation on this implementation?  Are there any other mechanisms in 
> >>>use?
> >>
> >>We store the Windows ACL in an EA and a matching posix ACL translation
> >>on the file, plus a sha hash of the ACL so we can be sure they are in
> >>sync.
> >>
> >>I am not aware of any other doc beyond the code.
> >
> >Well there are some SambaXP talks on it I did a while ago :-).
> >
> >Sorry.
> I'll look at the code and your talks.  Those are the kinds of pointers I 
> needed.
> Is there any reason to even consider the possibility of thinking about 
> pondering the idea of toying with the concept of somehow using TDB (CTDB) 
> to manage ACLs, or is that not a particularly rational approach?

Why would you want that? xattr size limitations?


SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen, mailto:kontakt at

More information about the samba-technical mailing list