Current approaches to ACL handling

Jeremy Allison jra at samba.org
Wed Oct 3 14:36:53 MDT 2012


On Wed, Oct 03, 2012 at 04:29:02PM -0400, J. Bruce Fields wrote:
> On Wed, Oct 03, 2012 at 02:48:00PM -0500, Christopher R. Hertel wrote:
> > On 10/03/2012 08:48 AM, J. Bruce Fields wrote:
> > >On Mon, Oct 01, 2012 at 02:36:20PM -0500, Christopher R. Hertel wrote:
> > >>On 10/01/2012 02:27 PM, Scott Lovenberg wrote:
> > >>:
> > >>>While we're all playing this game, I'll chime in with performance of a
> > >>>userland database versus in kernel structures and extra context
> > >>>switching. :)
> > >>
> > >>Hey, you get RichACLs into the kernel and we'll be happy to use 'em.  :)
> > >>
> > >>Even if EAs are in the file system, we still need to read them
> > >>out and process them in userland.  I think there are a few small
> > >>dragons to be dealt with there, particularly across a cluster.
> > >
> > >As there are for the actual file data and normal attributes.  Yes, there
> > >may well be bugs, but they're filesystem bugs....
> > 
> > I meant that enforcing ACLs that are stored in EAs requires reading
> > them into userspace and enforcing them there.  It's not a filesystem
> > issue, it's a problem of synchronizing the interpretation of the
> > meta-data between multiple processes (possibly across multiple
> > machines) and the kernel(s).
> 
> I thought Samba depended on the posix acl for enforcement?  Or does it
> do both?

It can deny based on the Windows ACL entry, but currently
then relies on the POSIX ACL underneath. We don't (yet)
allow a Windows ACL allow to override POSIX. We might
do that at some point.

Jeremy.

