From owner-freebsd-bugs@FreeBSD.ORG  Fri Dec  7 15:40:00 2012
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@smarthost.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
 by hub.freebsd.org (Postfix) with ESMTP id 9A047A7E
 for <freebsd-bugs@smarthost.ysv.freebsd.org>;
 Fri,  7 Dec 2012 15:40:00 +0000 (UTC)
 (envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
 [IPv6:2001:1900:2254:206c::16:87])
 by mx1.freebsd.org (Postfix) with ESMTP id 6F25A8FC16
 for <freebsd-bugs@smarthost.ysv.freebsd.org>;
 Fri,  7 Dec 2012 15:40:00 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
 by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id qB7Fe0cL033499
 for <freebsd-bugs@freefall.freebsd.org>; Fri, 7 Dec 2012 15:40:00 GMT
 (envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
 by freefall.freebsd.org (8.14.5/8.14.5/Submit) id qB7Fe0kV033498;
 Fri, 7 Dec 2012 15:40:00 GMT (envelope-from gnats)
Resent-Date: Fri, 7 Dec 2012 15:40:00 GMT
Resent-Message-Id: <201212071540.qB7Fe0kV033498@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
 Sandra <littlesandra88@gmail.com>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
 by hub.freebsd.org (Postfix) with ESMTP id EEC6B815
 for <freebsd-gnats-submit@FreeBSD.org>; Fri,  7 Dec 2012 15:32:40 +0000 (UTC)
 (envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22])
 by mx1.freebsd.org (Postfix) with ESMTP id D2ED78FC0C
 for <freebsd-gnats-submit@FreeBSD.org>; Fri,  7 Dec 2012 15:32:40 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
 by red.freebsd.org (8.14.5/8.14.5) with ESMTP id qB7FWe0u071745
 for <freebsd-gnats-submit@FreeBSD.org>; Fri, 7 Dec 2012 15:32:40 GMT
 (envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
 by red.freebsd.org (8.14.5/8.14.5/Submit) id qB7FWe1B071744;
 Fri, 7 Dec 2012 15:32:40 GMT (envelope-from nobody)
Message-Id: <201212071532.qB7FWe1B071744@red.freebsd.org>
Date: Fri, 7 Dec 2012 15:32:40 GMT
From: Sandra <littlesandra88@gmail.com>
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-3.1
Subject: misc/174264: ZFS can only set 121 ACL's instead of 1024
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Dec 2012 15:40:00 -0000


>Number:         174264
>Category:       misc
>Synopsis:       ZFS can only set 121 ACL's instead of 1024
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Dec 07 15:40:00 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator:     Sandra
>Release:        9
>Organization:
>Environment:
>Description:
According to the ZFS source[1] code[2], ZFS should be able to have 1024 ACL's pr inode. It can only set 121 ACL's.

It works on Solaris with 1024 ACL's. See script and output in "How to repeat the problem".


[1] #define	MAX_ACL_ENTRIES		(1024)	/* max entries of each type */

[2] http://svn.freebsd.org/base/user/eri/pf45/head/sys/cddl/contrib/opensolaris/uts/common/sys/acl.h
>How-To-Repeat:
setfacl -b /tank/project1

i=0
for u in $(ypcat passwd|awk -F':' '{print $1}'); do
    setfacl -m user:$u:rwxpDdaARWcCos:fd----:allow /tank/project1
    let i=i+1
    echo $i $u
done

-----------------
On Solaris 1024 ACL's work.

# cat maxacl
#!/bin/ksh

touch file
i=1
while true; do
  for u in $(getent passwd | nawk -F: '{print $1}'); do
    chmod A+user:$u:read_data:allow file || break 2
    printf "%d %s\n" $i $u
    i=$((i+1))
  done
  ls -v file | head
  ls -v file | wc -l
done

# ls -v file | head
-rw-r--r--+  1 root     root           0 déc   6 13:05 file
     0:user:utku3:read_data:allow
     1:user:utku2:read_data:allow
     2:user:utku1:read_data:allow
     3:user:utku0:read_data:allow
     4:user:utwww:read_data:allow
     5:user:jlliagre:read_data:allow
     6:user:nobody4:read_data:allow
     7:user:noaccess:read_data:allow
     8:user:nobody:read_data:allow
# ls -v file | tail
     1017:user:root:read_data:allow
     1018:owner@:execute:deny
     1019:owner@:read_data/write_data/append_data/write_xattr/write_attributes
         /write_acl/write_owner:allow
     1020:group@:write_data/append_data/execute:deny
     1021:group@:read_data:allow
     1022:everyone@:write_data/append_data/write_xattr/execute/write_attributes
         /write_acl/write_owner:deny
     1023:everyone@:read_data/read_xattr/read_attributes/read_acl/synchronize
         :allow





>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted: