[PATCH] vfs module for VxFS

Andrew Bartlett abartlet at samba.org
Sun Aug 31 17:48:43 MDT 2014

On Wed, 2014-08-27 at 05:32 -0700, Abhidnya Joshi wrote:
> Hi List,


> As part of our NAS product, we are using Samba on top of Symantec File System (VxFS).
> We are making use of acl_xattr module to interpret and store NTACLs.


> This module tries to fix 2 issues:
> 1. Presently VxFS does not support security namespace for named attrs thus, NTACLs have to be stored under user.NTACL.

In your system, is there any protection to ensure that only Samba is
modifying this xattr, given it has moved from the protected namespace?

> 2. In VxFS, typically newly created file will share POSIX ACLs of its parent unless explicit ACL set call is made. POSIX ACLs are stored as an extended attr of a file/dir which uses separate inode.
> That means if there is sharing of ACLs, lesser number of Inodes. With acl_xattr, it is always explicit set ACL call after file/dir create. Thus inode number doubles!
> Our idea here is, do not set ACLs if existing POSIX ACLs are same with whatever Samba calculated as far as possible.

If that ACL is changed, but not the ACL on the children, what happens?

> Please find attached patch which adds new module for VxFS which can handle this.


Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba-technical mailing list