Mark Shellenbaum wrote: > Alan M Wright wrote: >> Mark Shellenbaum wrote: >>> Darren J Moffat wrote: >>>> Mark Shellenbaum wrote: >>>>> Darren J Moffat wrote: >>>>>> Since this proposed behaviour is the default for ACLs on UFS why >>>>>> isn't it the default for ZFS too ? >>>>> >>>>> I'm more than willing to make this the default behavior for ZFS, >>>>> but it will affect POSIX compliance. If thats alright with >>>>> everyone then I can change it to be the default. >>>> >>>> Would this be the one and only setting that means that a ZFS dataset >>>> wouldn't be in a POSIX compliant configuration by default ? If it >>>> is then I would say it shouldn't be changed. However if there are >>>> others then IMO the default ACL behaviour should be the one that >>>> matches NFSv4 and what people expect of ACLs regardless of what >>>> POSIX thinks. >>>> >>> >>> Lets leave the default as it is, and have the new inheritance >>> behavior only take place under "passthrough". We can always change >>> this later with another fast track. >>> >>>> >>>>>> >>>>>> Also shouldn't "secure" be "posix" because "secure" is subjective >>>>>> and relative. >>>>>> >>>>> >>>>> secure is what it was called in the original ZFS ARC case. I can >>>>> change it to "posix" if you want. My only concern would be if >>>>> users have become accustomed to its present value. >>>> >>>> What about an alias ? >>>> >>> >>> How about I rename "secure" to "restricted" and have an alias for >>> "secure". >>> >>> -Mark >> >> Mark, >> >> While you are doing this, would it be possible to get aliases for some >> standard chmod settings? >> > > Why don't you open an RFE for that and I will take care of it, but its > not part of this case.
Okay. Alan >> For example, currently, to set FullControl we have: >> >> chmod A=everyone@:rwxpdDaARWcCos:fd:allow /pool/fs >> >> For most people that probably requires use of the man page every time. >> It would be nice if we could do: >> >> chmod A=everyone@:$FullControl:fd:allow /pool/fs >> >> How about three aliases: $READ, $CHANGE, $FULLCONTROL >> >> $Read: read, execute, view properties/permissions >> (directory: list contents) >> Alias for: rxacR >> >> $Change: $Read, write, delete, modify properties/permissions >> (directory: add files/sub-directories) >> Alias for: rwxpdDaARWcC >> >> $FullControl: $Change, write-owner >> Alias for: rwxpdDaARWcCos >> >> I'm not hung up on the doller ($) prefix or the names but it would >> be good to have something to make this easier than it is now. >> >> Alan >
