Date: Mon, 30 Dec 2002 00:35:58 -0500 (EST) From: Robert Watson <rwatson@freebsd.org> To: joe mcguckin <joe@via.net> Cc: freebsd-hackers@freebsd.org Subject: Re: NFS & ACLS's ? Message-ID: <Pine.NEB.3.96L.1021229235134.80032B-100000@fledge.watson.org> In-Reply-To: <BA32252B.1B1BF%joe@via.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 27 Dec 2002, joe mcguckin wrote: > Are there any strange interactions between NFS and filesystems that are > not UFS? E.g. UFS2? Does NFS support new features that these fs's may > implement? NFS can represent many but not all of the services found in UFS1 and UFS2. Among things it doesn't support are the retrieval and manipulation of BSD file user flags, system flags, extended attributes, and access control lists (ACLs). However, NFSv3 does correctly handle enforcement with these features because clients rely on the server to evaluate protections on file system objects using an ACCESS RPC. NFS2 evaluates protections on the client (if I recall correctly) so may not behave properly. There are RPC extensions to NFSv3 to retrieve and manipulate ACLs on Solaris, IRIX, et al, but we don't currently implement those extensions. Likewise, NFSv4 supports ACL management, but we don't yet implement NFSv4. It shouldn't be too hard to dig up information on the NFSv3 ACL RPC extensions and implement them on FreeBSD 5, since the semantics of our ACLs are highly compatible with Solaris and IRIX. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1021229235134.80032B-100000>