Question about vfs_acl_common not setting filesystem permissions anymore

Jeremy Allison jra at samba.org
Tue Aug 30 19:20:27 UTC 2016 

On Tue, Aug 30, 2016 at 05:38:36AM +0200, Ralph Böhme wrote:
> On Mon, Aug 29, 2016 at 05:22:15PM -0700, Jeremy Allison wrote:
> > On Mon, Aug 29, 2016 at 09:17:13AM +0200, Ralph Böhme wrote:
> > > Hi
> > > 
> > > On Sat, Aug 27, 2016 at 05:45:54PM +0200, Ralph Böhme wrote:
> > > > Patch attached, it depends on the other acl_xattr|tdb patch. Please
> > > > review & comment. I'm still pondering the idea of forcing "store dos
> > > > attributes = yes" instead of the map xxx stuff.
> > > 
> > > sorry, wrong version, didn't build (new DEBUG macro call with a
> > > surplus closing parenthesis). Correct one attached.
> > 
> > If you're setting:
> > 
> > map archive = no
> > map hidden = no
> > map readonly = no
> > map system = no
> > 
> > Aren't you also going to need to set:
> > 
> > store dos attributes = yes
> > 
> > be default too ?
> 
> that's why I was asking. :)
> 
> But my understanding is, while it would make perfect sense to set it
> (which would also render it needless to set the map xxx stuff to no in
> the first place), it may be a valid combination to set
> 
> map archive = no
> map hidden = no
> map readonly = no
> map system = no
> store dos attributes = no
> 
> Doesn't make sense, but someone out there might be using it for some
> strange reason.

I can't see that. IMHO this is an invalid combination. At
that point there is no way to store DOS attibutes at all
and clients will break.

So I think we need to add 'store dos attributes = yes'
inside this patchset too.

> Having said that, I would actually favor to set "store dos attributes
> = yes" instead, as it makes a lot of sense, just don't want to break
> any exising setup with this change.

Looking through the existing code it is possible to set
the above - but now that 4.5.0 and above have the direct VFS
calls to get/set DOS attributes I think we need to remove
all references to:

lp_store_dos_attributes(), lp_map_readonly().. etc.

from above the VFS layer - as otherwise you can prevent
neccessary VFS calls from being made where an underlying
file system has a different meta-data store mechanism
for storing DOS attributes.

I'll prepare a patch that sorts this out so that a VFS
filesystem always gets access to the DOS attribute calls
no matter what the above settings are set to. The default
VFS-on-top-of-POSIX can keep the existing behavior below
the VFS layer.

More information about the samba-technical mailing list