Hello,
This is to announce a prototype that implements NFSv4 ACLs natively on Linux.
So far, the implementation supports NFSv4 ACLs on Ext3 filesystems. The code
is functional, but hasn't seen a whole lot of testing so far.
NFSv4 ACLs per se do not map to the POSIX permission model and the extension
mechanisms that POSIX allows very well. Different designs to extend the
definition of NFSv4 ACLs in order to make them map better to POSIX have been
proposed. A conclusion which design to adopt for NFSv4 Minor Version 1 has
not been reached so far. See the [email protected] mailing list
(http://www1.ietf.org/mailman/listinfo/nfsv4) for discussions.
This prototype features a design that is relatively close to POSIX 1003.1e
draft 17 ACLs as implemented on many flavors of UNIX. Until a formal design
document is available, please refer to the discussion in the following two
threads on the [email protected] mailing list, and read the code:
NFSv4 ACL and POSIX interaction / mask
http://www1.ietf.org/mail-archive/web/nfsv4/current/msg03268.html
NFSv4 ACL and POSIX interaction / mask, draft-ietf-nfsv4-acls-00 not ready
http://www1.ietf.org/mail-archive/web/nfsv4/current/msg03286.html
The prototype itself is available at http://www.suse.de/~agruen/nfs4acl/,
along with some more information.
Regards,
Andreas
--
Andreas Gruenbacher <[email protected]>
Novell / SUSE Labs
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
On Fri, 2006-07-14 at 16:37 +0200, Andreas Gruenbacher wrote:
> Hello,
>
> This is to announce a prototype that implements NFSv4 ACLs natively on Linux.
> So far, the implementation supports NFSv4 ACLs on Ext3 filesystems. The code
> is functional, but hasn't seen a whole lot of testing so far.
Ooh. Interesting...
Are you planning on encoding the acl model that is being used directly
in the on-disk filesystem flags instead of relying on a mount option?
The incompatibilities between the two models is bound to cause trouble
if some administrator messes up the mount command line.
Cheers,
Trond
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
On Friday, 14 July 2006 16:49, Trond Myklebust wrote:
> On Fri, 2006-07-14 at 16:37 +0200, Andreas Gruenbacher wrote:
> > Hello,
> >
> > This is to announce a prototype that implements NFSv4 ACLs natively on
> > Linux. So far, the implementation supports NFSv4 ACLs on Ext3
> > filesystems. The code is functional, but hasn't seen a whole lot of
> > testing so far.
>
> Ooh. Interesting...
>
> Are you planning on encoding the acl model that is being used directly
> in the on-disk filesystem flags instead of relying on a mount option?
I haven't thought about this much so far. At the moment it's either POSIX ACLs
or NFSv4 ACLs, per filesystem, and even if xattrs of the "other" ACL model
exist on the filesystem, they will be completely invisible. We could encode
the ACL model used in the filesystem flags, or think about mixed models as
known from NetApp Filers. There is a lot more work to be done before we'll
get there though.
> The incompatibilities between the two models is bound to cause trouble
> if some administrator messes up the mount command line.
Quite likely, yes.
Andreas
_______________________________________________
nfsv4 mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/nfsv4
Le vendredi 14 juillet 2006 =E0 16:37 +0200, Andreas Gruenbacher a =E9crit :
> Hello,
> =
> This is to announce a prototype that implements NFSv4 ACLs natively on Li=
nux. =
> So far, the implementation supports NFSv4 ACLs on Ext3 filesystems. The c=
ode =
> is functional, but hasn't seen a whole lot of testing so far.
Do you mean you do not know where to find ACL test-suite ?
If yes, you should use LTP :
http://ltp.sourceforge.net/
ltp-full-20060615.tgz
ltp-full-20060615/testcases/network/nfsv4/acl/,
which contains our ACL tests (see:
http://nfsv4.bullopensource.org/tools/tests_index.php , at the bottom).
Regards,
Tony
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easi=
er
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&dat=3D1=
21642
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs