[PATCH][WIP] Make vfs_acl_xattr use hash of the posix ACL

Jeremy Allison jra at samba.org
Tue Oct 9 13:12:45 MDT 2012

On Tue, Oct 09, 2012 at 10:58:17PM +1100, Andrew Bartlett wrote:
> This patch (still a work in progress, as I know it fails some tests) is
> what I've been talking about for months, and which I got VFS changes in
> (almost - one small change in this patch) into 4.0.0rc1.
> The idea is simple, have the ACL modules (the posix ACL modules in
> particular) provide a blob form of the ACL, and then hash that, rather
> than an NT ACL that might change if our ACL mapping code changes. 
> So far I've made it simply fall back in the NFSv4 case, but we can
> define these in IDL as well if we want to do the same there. 
> The idea is to insulate these on-disk values from any required change we
> have to make. 
> I'm proposing these changes (once finished) for master, and will son
> have some more tests for this code.
> Any thoughts or comments most appreciated.

I'm not very keen on the talloc_steal code in here.

Why are you moving the talloc hierarcies around ?

The current ACL code is very simple, in that the
returned ACLs to any FGET_NT_ACL/GET_NT_ACL are
always allocated on the talloc_tos() of the caller.

There are no cases I know of where the context is
anything other than containing talloc_tos() (actually
this causes an issue in one place, but the place to
fix that is in the caller of [F]GET_NT_ACL).

I don't see the need for making this more complicated
than that.


More information about the samba-technical mailing list