From owner-freebsd-questions@FreeBSD.ORG  Sun Mar 13 12:20:08 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3F97716A4CE
	for <freebsd-questions@freebsd.org>;
	Sun, 13 Mar 2005 12:20:08 +0000 (GMT)
Received: from smtp11.wanadoo.fr (smtp11.wanadoo.fr [193.252.22.31])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D909B43D55
	for <freebsd-questions@freebsd.org>;
	Sun, 13 Mar 2005 12:20:07 +0000 (GMT)
	(envelope-from atkielski.anthony@wanadoo.fr)
Received: from me-wanadoo.net (localhost [127.0.0.1])
	by mwinf1106.wanadoo.fr (SMTP Server) with ESMTP id 91A261C00093
	for <freebsd-questions@freebsd.org>;
	Sun, 13 Mar 2005 13:20:06 +0100 (CET)
Received: from pix.atkielski.com (ASt-Lambert-111-2-1-3.w81-50.abo.wanadoo.fr
	[81.50.80.3])
	by mwinf1106.wanadoo.fr (SMTP Server) with ESMTP id 76AC31C00092
	for <freebsd-questions@freebsd.org>;
	Sun, 13 Mar 2005 13:20:06 +0100 (CET)
X-ME-UUID: 20050313122006486.76AC31C00092@mwinf1106.wanadoo.fr
Date: Sun, 13 Mar 2005 13:20:06 +0100
From: Anthony Atkielski <atkielski.anthony@wanadoo.fr>
X-Priority: 3 (Normal)
Message-ID: <1783108411.20050313132006@wanadoo.fr>
To: freebsd-questions@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Subject: Who is using ACLs in production?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: freebsd-questions@freebsd.org
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Mar 2005 12:20:08 -0000

Anyone using ACLs in production on FreeBSD 5.x?  If so, how do you use
them, and what are your impressions?  How do they affect performance,
how reliable is the code, does it really help security, etc.?

I've enabled them on my test system to see how they work.

Also, if someone can tell me why tunefs refuses to enable ACLs on the
root filesystem, I'd appreciate it.  I get

# tunefs -a enable /dev/da0s1a
tunefs: ACLs set
tunefs: /dev/da0s1a: failed to write superblock

I get the same error if I try to set ACLs on just '/', and the error is
the same in both single-user and multiuser modes.  If I mount /
read-only, I can set ACLs and verify it with tunefs -p, but after I
reboot, the ACLs are disabled again.  What do I have to do to enable
ACLs on /?

-- 
Anthony