Current approaches to ACL handling

Elia Pinto gitter.spiros at gmail.com
Mon Oct 1 22:57:51 MDT 2012 

Hello, sorry for the top posting.

Just to remember that a very old product AT&T "advanced server for
unix" - a windows NT domain controller on Unix SVR4 - used a backing
storage similar to a tdb for registering windows acl . Was in the 1998
/ 1999 and the operating system have not EA filesystem support at all.
But in the some period also linux lacked the actual implementation,
acl was introduced in REDHÁT 8, 2003 perhaps. Just an historical
perspective, dunno if interesting, on what other implementation of
windows on Unix had done in the past years. And i worked with them
before samba.

Regards

2012/10/1, simo <idra at samba.org>:
> On Mon, 2012-10-01 at 12:19 -0700, ronnie sahlberg wrote:
>> On Mon, Oct 1, 2012 at 11:57 AM, Christopher R. Hertel <crh at ubiqx.mn.org>
>> wrote:
>> > On 10/01/2012 01:52 PM, Jeremy Allison wrote:
>> >>
>> >> On Mon, Oct 01, 2012 at 02:42:51PM -0400, simo wrote:
>> >>>
>> >>> On Mon, 2012-10-01 at 13:28 -0500, Christopher R. Hertel wrote:
>> >>>>
>> >>>> What are the current best practices for ACL handling?
>> >>>>
>> >>>> To my knowledge, it's using EAs to store the ACLs.  Is there any
>> >>>> in-depth
>> >>>> documentation on this implementation?  Are there any other mechanisms
>> >>>> in
>> >>>> use?
>> >>>
>> >>>
>> >>> We store the Windows ACL in an EA and a matching posix ACL
>> >>> translation
>> >>> on the file, plus a sha hash of the ACL so we can be sure they are in
>> >>> sync.
>> >>>
>> >>> I am not aware of any other doc beyond the code.
>> >>
>> >>
>> >> Well there are some SambaXP talks on it I did a while ago :-).
>> >>
>> >> Sorry.
>> >
>> >
>> > I'll look at the code and your talks.  Those are the kinds of pointers
>> > I
>> > needed.
>> >
>> > Is there any reason to even consider the possibility of thinking about
>> > pondering the idea of toying with the concept of somehow using TDB
>> > (CTDB) to
>> > manage ACLs, or is that not a particularly rational approach?
>>
>> I think TDBs would be problematic since with one permanent record for
>> each file, and say
>> a few billion files, the TDB would become huge. As in >>TB size huge.
>>
>> You would also have the problem of single point of failure.  That TDB
>> file goes bad, you now lost all ACLs for all your files.
>
> Backups would also be problematic, ACLs and actual files would end up
> being backed up at potentially very different times, allowing for
> incomplete or mismatching backups of ACLs.
>
> Simo.
>
> --
> Simo Sorce
> Samba Team GPL Compliance Officer <simo at samba.org>
> Principal Software Engineer at Red Hat, Inc. <simo at redhat.com>
>
>

-- 
Inviato dal mio dispositivo mobile

More information about the samba-technical mailing list