Return-Path: linux-nfs-owner@vger.kernel.org Received: from fieldses.org ([174.143.236.118]:38410 "EHLO fieldses.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753609Ab2GXTxD (ORCPT ); Tue, 24 Jul 2012 15:53:03 -0400 Date: Tue, 24 Jul 2012 15:53:01 -0400 From: "J. Bruce Fields" To: "Haynes, Tom" Cc: linux-nfs@vger.kernel.org, nfsv4@ietf.org Subject: Re: Constructing a NFSv4 ACL from POSIX mode bits Message-ID: <20120724195301.GL8570@fieldses.org> References: <20120724193348.GA4977@netapp.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii In-Reply-To: <20120724193348.GA4977@netapp.com> Sender: linux-nfs-owner@vger.kernel.org List-ID: On Tue, Jul 24, 2012 at 12:33:49PM -0700, Haynes, Tom wrote: > In looking at http://tools.ietf.org/html/draft-ietf-nfsv4-acl-mapping-05, it > states that when mapping the write bit, only for the owner do we set > ACE4_WRITE_ACL. > > Back in version 00, it is open as to whether we can also set it for the > group and other if they have the write bit set. > > I looked back at the NFSv4 WG aliases and I see some discussion from Lisa > on how Solaris only ever sets it for the owner due to POSIX restrictions > via chmod(). So, now I know how another server does it. > > What does the Linux server do in this case? The Linux server does what's described in the above draft: unconditionally sets NFS4_ACE_WRITE_ATTRIBUTES | NFS4_ACE_WRITE_ACL on an OWNER@ ALLOW ACE, and nowhere else. --b.