On 2022-05-30, kaymvoit wrote:
> Steps to reproduce
>
> This was observed in a SpectrumScale storage with CentOS.
> Vim warns of a read only file, for a file with mode 0000 despite GPFS ACL via
> NFSv4 ACLs grants full access.
>
> 1. Create file with mode 0000
> 2. Grand full access via (NFSv4) ACL
> 3. Open file and read warning about readonly file
> 4. Try to save, encounter E45: 'readonly' optin is set
> 5. Override with !, save successfully
>
> (This came up due to the fact that the storage does not seem to set Unix
> permission on files that inherited permissions when they were created via
> CIFS,
> but only ACLs).
>
> Expected behaviour
>
> Vim determines actual status of writability.
>
> Python's f.writeable() is able to determine the status correctly, so I assume
> the information is more or less trivially there.
>
> Version of Vim
>
> VIM - Vi IMproved 7.4 (2013 Aug 10, compiled Oct 13 2020 16:13:17) Included
> patches: 1-207, 209-629
>
> Environment
>
> CentOS Linux release 7.9.2009 (Core)
> TERM=xterm-256color
> zsh 5.0.2 (x86_64-redhat-linux-gnu)
>
> Logs and stack traces
>
> No response
>
My very limited understanding of ACLs and Linux file permissions is
that together they set an upper limit on file access. That is,
a user's access is determined by the maximum granted by the two
mechanisms. So, if a file has mode 0000, nobody has permission to
read, write or execute it, regardless of the ACL.
Here is a citation from one reference:
POSIX Access Control Lists on Linux
https://www.usenix.org/legacy/publications/library/proceedings/usenix03/tech/freenix03/full_papers/gruenbacher/gruenbacher_html/main.html
Therefore, the meaning of the group class permissions is
redefined: under their new semantics, they represent an
upper bound of the permissions that any entry in the group
class will grant.
Regards,
Gary
--
--
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
---
You received this message because you are subscribed to the Google Groups
"vim_dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/vim_dev/20220530180921.GA23469%40phoenix.
