possible NIS/ACL bug?

Sun, 02 Nov 2003 23:22:59 -0800 

        I think I might have found a bug in ACL's under UFS2 with
5.1-RELEASE-p10.  I have been using ACL's successfully for awhile
now, but I'd never played with default ACL's for directories and
files you create underneath said directories until I came across
the daemon news article at:
---
http://ezine.daemonnews.org/200310/acl.html

        Anyway, while playing and following the examples, I think
I may have found a bug in ACL's when using NIS maps.  Here's my
example (extra newline between prompts):
---
[EMAIL PROTECTED]/p0:~/test> getfacl .. | setfacl -M - .

[EMAIL PROTECTED]/p0:~/test> getfacl .
#file:.
#owner:1019
#group:1019
user::rwx
group::r-x
group:nes:r-x
group:loki:r-x
mask::r-x
other::r-x

[EMAIL PROTECTED]/p0:~/test> getfacl .. | setfacl -dM - .

[EMAIL PROTECTED]/p0:~/test> getfacl -d .
#file:.
#owner:1019
#group:1019
user::rwx
group::r-x
group:nes:r-x
group:loki:r-x
mask::r-x
other::r-x

[EMAIL PROTECTED]/p0:~/test> touch something

[EMAIL PROTECTED]/p0:~/test> getfacl something 
#file:something
#owner:1019
#group:1019
user::rw-
group::r-x              # effective: r--
group::r-x              # effective: r--
group::r-x              # effective: r--
mask::r--
other::r--
---

        Uh oh!  It's that last part where there are the two extra
entries for the two ACL added groups, but no GID seems to have
been stored with each entry, whereas the example in the daemon
news article does actually show GID's in these places.

        So I assume this is an NIS/ACL bug of some kind?  Both my
uid and gid as well as both the gid's above (nes and loki) are
mapped via NIS.  If anyone needs me to do anything else, let me
know.  I don't feel nearly competent enough to start debugging
the source for get/setfacl to try to grok any of this.  :)

-- 
Mark Nipper                                                e-contacts:
Computing and Information Services                      [EMAIL PROTECTED]
Texas A&M University                        http://ops.tamu.edu/nipsy/
College Station, TX 77843-3142     AIM/Yahoo: texasnipsy ICQ: 66971617
(979)575-3193                                      MSN: [EMAIL PROTECTED]

-----BEGIN GEEK CODE BLOCK-----
GG/IT d- s++:+ a- C++$ UBL+++$ P--->+++ L+++$ E---
W++ N+ o K++ w(---) O++ M V(--) PS+++(+) PE(--) Y+
PGP++(+) t 5 X R tv b+++ DI+(++) D+ G e h r++ y+(**)
------END GEEK CODE BLOCK------

---begin random quote of the moment---
"Well, if we told you how we did it, then it very well wouldn't
be unbreakable, would it?  You need to trust us with your data.
These are not the backdoors you are looking for."
 -- random /. quote
----end random quote of the moment----
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to