[PATCH] vfs_acl_xattr: avoid setting POSIX acls if "ignore system acls" is set
Jeremy Allison
jra at samba.org
Tue Mar 22 16:22:33 UTC 2016
On Tue, Mar 22, 2016 at 08:14:17AM -0700, Richard Sharpe wrote:
> On Tue, Mar 22, 2016 at 1:19 AM, Uri Simchoni <uri at samba.org> wrote:
> > Hi,
> >
> > Attached patch avoids setting the POSIX ACLs to match the NT ACLs, if
> > "ignore system acls" is set.
> >
> > I believe this new behavior is more consistent with the vfs_acl_xattr man
> > page. It also has the following benefits:
> > - Avoid unnecessary sid->xid translations
> > - Better compatibility with Windows, since by default Windows does not
> > enforce existence of "traverse folder" right on parent folders, and
> > modifying POSIX ACLs on parent folders could cause the kernel to deny access
> > (dunno how RichACLs would handle this one :( ).
>
> Can you also remove that stupid time value that was added? It screws
> up ACL deduplication if you have a file system that can do that.
>
> At least it should be configurable.
>
> Actually, it should also be possible to configure V3 vs V4 formats as well.
That's a second patch on top :-). I'm gonna review Uri's work
as-is for now.
Richard, did you get chance to modify the SMB_VFS_SET_ATTRIBUTE
patch to return NTSTATUS ? Do you want me to do it ?
More information about the samba-technical
mailing list