Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 27 Dec 2021 16:06:58 GMT
From:      Rick Macklem <rmacklem@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: f10dc28ec21d - main - nfscommon: Return NFSERR_ATTRNOTSUPP for AUDIT/ALARM ACEs
Message-ID:  <202112271606.1BRG6wvS085183@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch main has been updated by rmacklem:

URL: https://cgit.FreeBSD.org/src/commit/?id=f10dc28ec21db60cf1faa3c4b445c4065e760dba

commit f10dc28ec21db60cf1faa3c4b445c4065e760dba
Author:     Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2021-12-27 16:03:41 +0000
Commit:     Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2021-12-27 16:03:41 +0000

    nfscommon: Return NFSERR_ATTRNOTSUPP for AUDIT/ALARM ACEs
    
    FreeBSD only supports Allow/Deny ACEs in NFSv4 ACLs.
    As such, it does not make sense to parse Audit/Alarm
    ACEs.  Modify nfsrv_dissectace() so that it returns
    NFSERR_ATTRNOTSUPP if an Audit/Alarm ACE is found in
    the ACL being parsed.  The code has been #ifdef notnow'd,
    since Audit/Alarm ACEs might be supported someday.
    
    This should not have significant impact, since FreeBSD
    reports to clients that only Allow/Deny ACEs are
    supported and an attempt to set one would have failed
    anyhow.
    
    MFC after:      2 weeks
---
 sys/fs/nfs/nfs_commonacl.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/sys/fs/nfs/nfs_commonacl.c b/sys/fs/nfs/nfs_commonacl.c
index e3583b273db8..057efdfbc29c 100644
--- a/sys/fs/nfs/nfs_commonacl.c
+++ b/sys/fs/nfs/nfs_commonacl.c
@@ -158,10 +158,13 @@ nfsrv_dissectace(struct nfsrv_descript *nd, struct acl_entry *acep,
 			acep->ae_entry_type = ACL_ENTRY_TYPE_ALLOW;
 		else if (acetype == NFSV4ACE_DENIEDTYPE)
 			acep->ae_entry_type = ACL_ENTRY_TYPE_DENY;
+#ifdef notnow
+		/* FreeBSD does not support Audit/Alarm ACEs at this time. */
 		else if (acetype == NFSV4ACE_AUDITTYPE)
 			acep->ae_entry_type = ACL_ENTRY_TYPE_AUDIT;
 		else if (acetype == NFSV4ACE_ALARMTYPE)
 			acep->ae_entry_type = ACL_ENTRY_TYPE_ALARM;
+#endif
 		else
 			aceerr = NFSERR_ATTRNOTSUPP;
 	}

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202112271606.1BRG6wvS085183>