On 2/26/2010 6:52 PM, Paul B. Henson wrote:
> On Fri, 26 Feb 2010, David Dyer-Bennet wrote:
>
>> chown ddb /path/to/file
>> chmod 640 /path/to/file
>>
>> I'll tell you, if I type that and then find I (I'm "ddb") *can't* read the
>> file, I'm going to be REALLY unhappy.
> Then clearly you should configure your zfs filesystem in such a manner as
> to propagate the mode bit changes to the ACL. Which is currently, and even
> if the additional modes I'd like to see are implemented, would remain the
> default. So unless you explicitly selected an alternative that better met
> your needs you could continue to ignore the differences between legacy mode
> bits and ACL's.

So, even if you're willing to completely discard 30 years of legacy scripts and applications -- how do you propose that a NEW script or application should be written so as to work in this brave new environment?

>> The concept of having parts of a filesystem designated ACL-only and parts
>> designated permissions-only leads to a total nightmare for utilities,
>> applications, and admin scripts of all kinds, so I don't think that can
>> be the answer.
> I disagree. If your deployment scenario is better served by preventing an
> ACL from being mangled by a well intentioned but destructive mapping of
> legacy permission mode bits, why shouldn't that option be available for
> you? Nobody would be forced to use it. It would probably be very unwise to
> set such an option on a root pool filesystem. But for a data filesystem
> with files accessed both via CIFS and NFSv4, the ability to keep *exactly*
> that same set of utilities, applications, and admin scripts from screwing
> up your ACL's would be invaluable.

And how should new utilities be written to take the place of the 30 years of work you're throwing out? I don't yet see how it can be done.

>> Maybe you could make some rules, though.
> No, that's been tried before. There is no good mapping from mode bits to
> ACL's. My understanding is that Sun is currently considering getting rid of
> both the groupmask and passthrough aclmode's (both examples of trying to
> apply rules to map mode bit changes to ACL's), leaving only discard. I
> actually agree with that -- if you're going to apply mode bit changes to an
> object with an ACL, you might as well just get rid of it. However, in
> addition to discard, I think an option to just not *let* the ACL be
> destroyed should also be available.


It doesn't have to be complete to be extremely useful.

--
David Dyer-Bennet, d...@dd-b.net; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info

_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
