[Samba] acl_xattr vs acl_tdb

Miguel Medalha miguelmedalha at sapo.pt
Sat Mar 27 07:48:13 MDT 2010

>> Shall I call you god now? :-)
> No me.  Err, wikipedia:

Why invoke wikipedia when "man attr" is at hand?

  This document describes the attr command, which  is  mostly  compatible
        with  the IRIX command of the same name.  It is thus aimed 
        at users of the XFS filesystem - for  filesystem  independent  
        attribute  manipulation,  consult the getfattr(1) and 
setfattr(1) docu-

        In the XFS filesystem, the names can be up to 256 bytes in 
length, ter-
        minated  by  the  first  0  byte.  The intent is that they be 
        ASCII (or other character set) names for the attribute.  The 
values can
        be up to 64KB of arbitrary binary data.

        Attributes  can  be attached to all types of XFS inodes: regular 
        directories, symbolic links, device nodes, etc.

        XFS uses  2  disjoint  attribute  name  spaces  associated  
with  every
        filesystem  object.   They  are  the root and user address 
spaces.  The
        root address space is accessable only to the superuser, and  
then  only
        by  specifying  a flag argument to the function call.  Other 
users will
        not see or be able to modify attributes in the root address 
space.  The
        user  address  space is protected by the normal file permissions 
        nism, so the owner of the file can decide who is  able  to  see  
        modify the value of attributes on any particular file.


The question still stands in what concerns ext3/ext4.
About a year ago I posted the following to this Samba list:


I am now experimenting with samba 3.3.0 and acl_xattr. I can see that
there is another method of storing Windows ACLs: acl_tdb.

Can someone here tell me something about the relative merits and
demerits of those two methods?

I am using CentOS with an ext3 filesystem.

The (only) answer I got was the following:

xattrs have size limitations on most file systems, so you
won't be able to store truly large ACLs. Don't know the
numbers for ext3.

The tdb one is there for file systems without xattrs or with
too severe limitations for them, but it has issues with
native unix backup/restore (acls are indexed by inode).

And that was all. Hence my comment about the "secrets of the gods".
Samba comes with several methods of storing ACLs. Is it too much to ask for
just a little information about them so that the users can make a decision, even
if those users are not experts on the inwards of filesystem development?

Than you to all who posted answers my question.

More information about the samba mailing list