[PATCH] vfs_acl_xattr: avoid setting POSIX acls if "ignore system acls" is set

Richard Sharpe realrichardsharpe at gmail.com
Tue Mar 22 15:14:17 UTC 2016

On Tue, Mar 22, 2016 at 1:19 AM, Uri Simchoni <uri at samba.org> wrote:
> Hi,
> Attached patch avoids setting the POSIX ACLs to match the NT ACLs, if
> "ignore system acls" is set.
> I believe this new behavior is more consistent with the vfs_acl_xattr man
> page. It also has the following benefits:
> - Avoid unnecessary sid->xid translations
> - Better compatibility with Windows, since by default Windows does not
> enforce existence of "traverse folder" right on parent folders, and
> modifying POSIX ACLs on parent folders could cause the kernel to deny access
> (dunno how RichACLs would handle this one :( ).

Can you also remove that stupid time value that was added? It screws
up ACL deduplication if you have a file system that can do that.

At least it should be configurable.

Actually, it should also be possible to configure V3 vs V4 formats as well.

> Passes local make test.
> Please review,
> Uri.

Richard Sharpe

More information about the samba-technical mailing list