[PATCH] Fix for XDR Backend of NFS4ACL_XATTR module to get it working with NFS4.0 ACL Spec

Volker Lendecke Volker.Lendecke at SerNet.DE
Thu Jul 26 04:44:18 UTC 2018 

On Wed, Jul 25, 2018 at 03:08:04PM -0700, Jeremy Allison via samba-technical wrote:
> On Wed, Jul 25, 2018 at 12:24:04PM +0000, Sandeep Nashikkar via samba-technical wrote:
> > 
> > Please find attached the updated patch and kindly review it. I added code for
> > handling those cases where security principals are converted to string identifiers by nfs-ganesha after restart. 
> 
> FYI - what platform are you testing this on ?
> 
> If I do the following as my own user on Linux/Debian:
> 
> $ touch foo
> $ setfattr -n system.nfs4_acl -v testme foo
> setfattr: foo: Operation not supported

Do you have a proper NFSv4 mount on "foo" including ACLs? There that
precise syscall works for me, albeit using nfs4_setacl:

strace -o /tmp/x nfs4_setfacl  -a 'A::1005:rtncy' /data/baz

stat("/data/baz", {st_mode=S_IFREG|0666, st_size=0, ...}) = 0
stat("/data/baz", {st_mode=S_IFREG|0666, st_size=0, ...}) = 0
getxattr("/data/baz", "system.nfs4_acl", NULL, 0) = 160
getxattr("/data/baz", "system.nfs4_acl",
"\0\0\0\7\0\0\0\0\0\0\0\0\0\22\0\211\0\0\0\0041004\0\0\0\0\0\0\0\0\0\
22\0\211\0\0\0\0041004\0\0\0\0\0\0\0\0\0\22\0\211\0\0\0\0041003\0\0\0\0\0\0\0\0\0\22\0\211\0\0\0\0041002\0\0\0
\0\0\0\0\0\0\36\1\237\0\0\0\6OWNER@\0\0\0\0\0\0\0\0\0@\0\22\0\211\0\0\0\6GROUP@\0\0\0\0\0\0\0\0\0\0\0\22\0\213
\0\0\0\tEVERYONE@\0\0", 160) = 160
setxattr("/data/baz", "system.nfs4_acl",
"\0\0\0\10\0\0\0\0\0\0\0\0\0\22\0\211\0\0\0\0041005\0\0\0\0\0\0\0\0\0\22\0\211\0\0\0\0041004\0\0\0\0\0\0\0\0\0\22\0\211\0\0\0\0041004\0\0\0\0\0\0\0\0\0\22\0\211\0\0\0\0041003\0\0\0\0\0\0\0\0\0\22\0\211\0\0\0\0041002\0\0\0\0\0\0\0\0\0\36\1\237\0\0\0\6OWNER@\0\0\0\0\0\0\0\0\0@\0\22\0\211\0\0\0\6GROUP@\0\0\0\0\0\0\0\0\0\0\0\22\0\213\0\0\0\tEVERYONE@\0\0",
180, XATTR_REPLACE) = 0

> - in other words, the 'system' namespace
> isn't accessible on Linux. I don't think we
> can hardcode the 'system' namespace here.

root at vl-jessie:~# uname -a
Linux vl-jessie 4.9.0-7-amd64 #1 SMP Debian 4.9.110-1 (2018-07-05) x86_64 GNU/Linux

Volker

-- 
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de

More information about the samba-technical mailing list