On Thu, Feb 22, 2018 at 06:18:52AM -0800, Frank Filz wrote: > Ah, that might be an issue. It’s hard to gets POSIX<->NFS V4 ACL > conversion as best as possible (again, impossible to make it perfect, > even for POSIX->NFS V4).
Well, POSIX->NFSv4 should be very close to perfect. (Name mapping might be the most likely problem in practice.) > It would be good to fix all these conversion issues (without copying > code from the kernel – note the license differences…) The original ACL mapping code was all written while I was at UM/CITI by me and a couple students, contributed under a permissive BSD-like license, as you can see from the license header on fs/nfsd/nfs4acl.c. So you should verify the license and git history to be sure, but I doubt licensing would be an obstacle. git://linux-nfs.org/bfields/acl.git also has patches implementing the same mapping in libacl, written entirely while I was at citi. They were never upstreamed. I'd recommend taking the kernel code instead as it's gotten more bugfixes. https://tools.ietf.org/html/draft-ietf-nfsv4-acl-mapping-05 has the best documentation of the mapping. All that aside, I agree with Frank that this is all complicated and error-prone. But the richacl patches seem stuck. The only other alternative I can think of at this point is to go back to the ietf nfsv4 working group with a proposal to add POSIX-like ACLs to NFSv4.2. --b. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Nfs-ganesha-devel mailing list Nfs-ganesha-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nfs-ganesha-devel
