[PATCH][WIP] Make vfs_acl_xattr use hash of the posix ACL

Christian Ambach ambi at samba.org
Tue Oct 16 01:54:14 MDT 2012


On 10/12/2012 10:09 PM, Andrew Bartlett wrote:

>>> By defining this interface, vfs_acl_common does not need to know what
>>> the system ACL is, be it posix or nfsv4 or AFS.  It can (if returned)
>>> just hash the contents of the data_blob and store it.
>>>
>>> At a later time, if the contents matches, then the exact NT ACL that
>>> the windows client set is returned.  If the hash does not match, the
>>> the posix, NFSv4 or AFS ACL must have been changed outside Samba,
>>> and an imperfect mapping to an NT ACL is returned instead. [...] I
>>> would welcome patches to linearise NFSv4 into NDR in the same way I
>>> did for posix ACLs in smb_acl.idl
>>
>> Shouldn't we better have one datatype that fits all variants instead of
>> having datatypes for each style of ACL? And the common denominator here
>> would be the general Windows SD format (as it has all fidelity).
>
> Yes, that data type is DATA_BLOB.  The hash code needs no more than that
> (I initially proposed it to be the sha256, but was requested to pass up
> the data_blob).

GPFS supports to retrieve the filesystem ACL as an opaque blob (for 
backup applications), so I guess this would be an ideal candidate for 
hashing, correct?
If so, where would this information now be stored?

Cheers,
Christian




More information about the samba-technical mailing list