[Samba] Operation Not Supported error for GETXATTR when VFS plugin "nfs4acl_xattr" is used

Jeremy Allison jra at samba.org
Fri Apr 6 17:27:32 UTC 2018


On Fri, Apr 06, 2018 at 01:44:50PM +0530, Akash Jain wrote:
> Hi All
> 
> I found there is one bug in the plugin. The name of the attribute for ACL as
> per strace output of nfs4_setfacl is system.nfs4_acl.
> The source code has defined it as
> #define NFS4ACL_XATTR_NAME      ( "system.nfs4acl" )
> 
> Note there is missing underscore.
> 
> After this, the EOPNOTSUPP error is not observed.
> 
> Hope this helps

Hmmm. This has been changed for Samba 4.8.0 and above,
with commit df99ac27106dededcf0a98a251e58c24b90bf6d1.

This would seem to be a correct fix, as it seems

"The "system" xattr namespace is reserved for the kernel. Any attempt to
    use xattrs in that namesspace will fail with EOPNOTSUPP, regardless of
    priveleges."

Can you check with 4.8.x ?

Jeremy.

Author: Ralph Boehme <slow at samba.org>
Date:   Thu Nov 2 12:17:48 2017 +0100

    librpc/idl: rename NFS4 ACL xattr name
    
    The "system" xattr namespace is reserved for the kernel. Any attempt to
    use xattrs in that namesspace will fail with EOPNOTSUPP, regardless of
    priveleges. In autobuild we're using the xattr_tdb VFS module, so it
    works there.
    
    Using the "security" namespace instead makes this module generally
    usable with Linux filesystem xattrs as storage backend.
    
    Additionally prefix the xattr name with "_ndr". This is in preperation
    of later commits that add a ACL blob marshalling format based on XDR. To
    avoid xattr name collision, both format will use distinct xattr names by
    default.
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

diff --git a/librpc/idl/nfs4acl.idl b/librpc/idl/nfs4acl.idl
index 3d6894a604c..79e742c90e7 100644
--- a/librpc/idl/nfs4acl.idl
+++ b/librpc/idl/nfs4acl.idl
@@ -13,7 +13,7 @@ import "misc.idl", "security.idl";
 ]
 interface nfs4acl_interface
 {
-       const char *NFS4ACL_NDR_XATTR_NAME = "system.nfs4acl";
+       const char *NFS4ACL_NDR_XATTR_NAME = "security.nfs4acl_ndr";
 
        const char *NFS4ACL_XATTR_OWNER_WHO      = "OWNER@";
        const char *NFS4ACL_XATTR_GROUP_WHO      = "GROUP@";




More information about the samba mailing list