[PATCH] Add tests for our NFSv4 ACL code

Alexander Werth werth at linux.vnet.ibm.com
Mon Apr 22 06:44:45 MDT 2013 

On Mon, 2013-04-22 at 10:32 +1000, Andrew Bartlett wrote:
> On Wed, 2013-04-17 at 21:13 +0200, Alexander Werth wrote:
> > On Sun, 2013-04-14 at 22:00 +1000, Andrew Bartlett wrote:
> > > From here, I want to learn more about the failures, work out at what
> > > layer we should be doing various inheritance operations (adding
> > > emulation if required), and possibly patch raw.acls to optionally skip
> > > SACLs in the comparisons. 
> > 
> > I've merged the inheritance emulation into your nfs4acl_xattr module.
> > Please find the code in the attached patch.
> > The idea is that if no xattr with nfs4 acls is found the parent
> > folders are inspected recursively.
> > This way any vfs operation reading the acl of a file that just got
> > created with an open call will return the right security descriptor.
> > 
> > With this the test nfs4acl_xattr.dynamic passes.
> > The nfs4acl_xattr.inheritance passes as well but there are
> > warnings since the SDs don't match bit for bit and the torture
> > test returns a failed even though there was no hard error.
> > So I guess we have to adjust the torture test before committing
> > this patch.
> 
> Thanks for all your hard work here.  These changes seen entirely
> sensible to me.  Could you perhaps merge them into a set that could be
> committed to master?  (Probably squash some of them together)

Sounds good. I've rebased and attached a patchset that contains the
following commits:

  build: Move nfs4acl to the top level
  vfs: Add vfs_handle_struct argument to smb_set_nt_acl_nfs4 and the callback
  vfs: Allocate SMB4ACL_T on an explict memory context
  vfs: Fix compile of vfs_gpfs.c.
  vfs: Remove unused security_info argument in vfz_zfsacl.c
  vfs: Fix missing TALLOC_CTX argument in vfs_zfsacl on blocking functions
  vfs: Add new VFS module vfs_nfs4acl_xattr to use nfs4acl.idl
  librpc: Add special owner/group/other constants to nfs4acl.idl
  selftest: Run raw.acls test against the nfs4acl_xattr module
  vfs: Add inheritance emulation to vfs_nfs4acl_xattr.
  s4-smbtorture: Set result message when failing the inheritance test.

With kind regards,
Alexander Werth
-------------- next part --------------
A non-text attachment was scrubbed...
Name: patchset-nfs4acl-test.2013-04-22.patch
Type: text/x-patch
Size: 62827 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20130422/4eae2bf9/attachment.bin>

More information about the samba-technical mailing list