Date: Fri, 08 Dec 2017 19:12:24 +0100 From: Harry Schmalzbauer <freebsd@omnilan.de> To: freebsd-fs@freebsd.org Subject: New in 11? ZFS ACL -> aclinherit stacks synthesized mode ACEs Message-ID: <5A2AD608.2090001@omnilan.de>
next in thread | raw e-mail | index | archive | help
Hello,
quick question, haven't had time to investigate yet, but accidentally
noticed that something between FreeBSD 10 and 11 has changed regarding
ZFS ACL inheritance.
Example:
If a parent directory has the file-inherit flag is set in a mode
synthesized ACE, the ACL of a file in that directory get the mode ACEs
stacked:
getfacl DIR
# file: DIR/ #
owner: toor # group: wheel
owner@:rwxp-daARWcCos:fd-----:allow
group@:rwxp--a-R-c--s:fd-----:allow
everyone@:----D---------:-d-----:deny
everyone@:------a-R-c--s:fd-----:allow
touch DIR/testfile
getfact DIR/testfile
# file: DIR/testfile # owner: toor #
group: wheel
owner@:rw-p-daARWcCos:------I:allow
group@:rw-p--a-R-c--s:------I:allow
everyone@:------a-R-c--s:------I:allow
owner@:rw-p--aARWcCos:-------:allow
group@:rw-p--a-R-c--s:-------:allow
everyone@:------a-R-c--s:-------:allow
The (my) ACL of the parent hasn't change for some years (and aclinherit
is set to "passthrough-x" and aclmode is "passthrough", also unchanged
for several years).
I never saw the resulting ACL before FreeBSD 11.1
Anyone out there who knows what changed why?
Thanks,
-harry
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5A2AD608.2090001>