Current approaches to ACL handling

Christopher R. Hertel crh at samba.org
Wed Oct 3 14:43:48 MDT 2012 

On 10/03/2012 03:29 PM, J. Bruce Fields wrote:
> On Wed, Oct 03, 2012 at 02:48:00PM -0500, Christopher R. Hertel wrote:
>> On 10/03/2012 08:48 AM, J. Bruce Fields wrote:
>>> On Mon, Oct 01, 2012 at 02:36:20PM -0500, Christopher R. Hertel wrote:
>>>> On 10/01/2012 02:27 PM, Scott Lovenberg wrote:
>>>> :
>>>>> While we're all playing this game, I'll chime in with performance of a
>>>>> userland database versus in kernel structures and extra context
>>>>> switching. :)
>>>>
>>>> Hey, you get RichACLs into the kernel and we'll be happy to use 'em.  :)
>>>>
>>>> Even if EA's in are in the file system, we still need to read them
>>>> out and process them in userland.  I think there are a few small
>>>> dragons to be dealt with there, particularly across a cluster.
>>>
>>> As there are for the actual file data and normal attributes.  Yes, there
>>> may well be bugs, but they're filesystem bugs....
>>
>> I meant that enforcing ACLs that are stored in EAs requires reading
>> them into userspace and enforcing them there.  It's not a filesystem
>> issue, it's a problem of synchronizing the interpretation of the
>> meta-data between multiple processes (possibly across multiple
>> machines) and the kernel(s).
>
> I thought Samba depended on the posix acl for enforcement?  Or does it
> do both?

I worked on ACL support back in '07, so I'm reviewing what's been done since 
then.  That's why I'm askin' questions.  :)

If there is support for Posix ACLs in the underlying file-system, those can 
be used directly.  Also, there are some filesystems out there that support 
other ACL mechanisms.  Some of the proprietary file systems (OneFS, 
StorNext) have support for Windows ACLs.

Jeremy's presentation from 2009 (mentioned earlier in this thread) covers 
different ways of leveraging that support.  It's best, of course, if the 
ACLs are stored in the file system and handled by the kernel.

If, however, the underlying file system does *not* have support for any kind 
of ACL, then there's the EA method.  EAs can be used to store the ACLs, but 
this method clearly doesn't provide any kernel support for enforcing them.

...and this is all much better than the old method of encoding DOS FAT 
attribute bits into the file mode bits.

I am still catching up on this topic.  I'm a bit out of the loop, so I'll 
encourage my colleagues to hit me with the clue bat.

Chris -)-----

-- 
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org

More information about the samba-technical mailing list