2018-09-26 19:53:35

by Fabio Coatti

Subject: posix acl issue

Hi All,
I'm seeing a weird behaviour wrt posix acl.
Basically it seems that they are not working, even though ACLs are enabled for
all the filesystems on my machine.
attrs are working just fine for the same files.
Example:
> getfacl pippo
# file: pippo
# owner: cova
# group: cova
other::r--

> setfacl -m other::r-- pippo
setfacl: pippo: Malformed access ACL `other::r--': Missing or wrong entry at
entry 1

============

Also, udev uaccess rules are not applied and systemd-udevd spits out this
message:
(this is when inserting a yubikey)
systemd-udevd[4921]: Failed to apply ACL on /dev/hidraw4: Invalid argument

kernel ACL setup:

=====
zcat /proc/config.gz | grep ACL
CONFIG_EXT2_FS_POSIX_ACL=y
CONFIG_EXT3_FS_POSIX_ACL=y
CONFIG_EXT4_FS_POSIX_ACL=y
CONFIG_XFS_POSIX_ACL=y
CONFIG_BTRFS_FS_POSIX_ACL=y
CONFIG_FS_POSIX_ACL=y
CONFIG_TMPFS_POSIX_ACL=y
CONFIG_JFFS2_FS_POSIX_ACL=y
CONFIG_NFS_V3_ACL=y
CONFIG_NFSD_V2_ACL=y
CONFIG_NFSD_V3_ACL=y
CONFIG_NFS_ACL_SUPPORT=m
CONFIG_CIFS_ACL=y

========
attrs seem to be ok:
> setfattr -n user.foo -v bar pippo

> getfattr pippo
# file: pippo
user.foo
=========

I tested this behaviour with btrfs, tmpfs and ext4 (ext2);
dmesg reports that the acl mount option is recognized:
=======
EXT4-fs (dm-6): mounted filesystem with ordered data mode. Opts: acl
=======

but mount output seems to tell something different:

==========
/dev/mapper/vg0-test on /root/tt type ext4 (rw,relatime)
==========

and proc tells something even different:

==========
cat /proc/fs/ext4/dm-6/options
rw
bsddf
nogrpid
block_validity
dioread_lock
nodiscard
delalloc
nowarn_on_error
journal_checksum
barrier
auto_da_alloc
user_xattr
acl
noquota
resuid=0
resgid=0
errors=continue
commit=5
min_batch_time=0
max_batch_time=15000
stripe=0
data=ordered
inode_readahead_blks=32
init_itable=10
max_dir_size_kb=0
==========

Kernel is 4.18.10, but I tried several kernels on 4.18 and 4.17 series, no
changes.
gcc 8.2.0

I'm running a gentoo machine, with vanilla sources so no external patches.
I checked all possible kernel config options and whatnot without finding
anything obvious.
Likely I'm missing something obvious, but after several days of digging I got no
clues, so I would be glad of any hint or suggestions about where to look.
(please, keep me cc'ed in any answer).

Many thanks for any help.