From owner-freebsd-arch@FreeBSD.ORG Fri Oct 29 19:12:00 2010 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DAF1F1065670 for ; Fri, 29 Oct 2010 19:12:00 +0000 (UTC) (envelope-from etnapierala@googlemail.com) Received: from mail-bw0-f54.google.com (mail-bw0-f54.google.com [209.85.214.54]) by mx1.freebsd.org (Postfix) with ESMTP id 62FA58FC13 for ; Fri, 29 Oct 2010 19:11:59 +0000 (UTC) Received: by bwz3 with SMTP id 3so2821199bwz.13 for ; Fri, 29 Oct 2010 12:11:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:sender:from:content-type :content-transfer-encoding:subject:date:message-id:to:mime-version :x-mailer; bh=5PsOgYJlUcY8D1HkqgEU5Zyksx1MaCw9y7dnQZinvvg=; b=naCBKwxCp+JB6MpTREFgmJ6UvHfj3mqBzZpk0xARjp2oicx6e7CqGEeU6wqIGxI4do pIjpDaiX1mDx8cQPC5gW/UTKOx7AlgVO8if0gcBuqT5SXRqkGo7W8z2m4cN6SNzyOq9u bkqnBZdW7HX/i/NbvHqTAzhJgobBcuKBbdi6s= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=sender:from:content-type:content-transfer-encoding:subject:date :message-id:to:mime-version:x-mailer; b=WHLE35Opv8bRjEk3EDP1Ca1NaUiD9Dzo2GajJZyTAX16ukYfQuaAyJEq6QxP0NU3JB 4CW+eRq/Rec4yyDPJ2MOkLVqITuG8Qu//30n8AYtdtlfJ+avecLkx8yfoL+kSMzEgUo3 NEPtncFadKaZ6QnXVTfrH/XvJNuleb9AiUXas= Received: by 10.204.180.75 with SMTP id bt11mr2099358bkb.115.1288377886679; Fri, 29 Oct 2010 11:44:46 -0700 (PDT) Received: from [192.168.1.102] (45.81.datacomsa.pl [195.34.81.45]) by mx.google.com with ESMTPS id t10sm1086875bkj.4.2010.10.29.11.44.44 (version=TLSv1/SSLv3 cipher=RC4-MD5); Fri, 29 Oct 2010 11:44:45 -0700 (PDT) Sender: =?UTF-8?Q?Edward_Tomasz_Napiera=C5=82a?= From: =?iso-8859-2?Q?Edward_Tomasz_Napiera=B3a?= Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Date: Fri, 29 Oct 2010 20:44:40 +0200 Message-Id: <7CE78D72-F349-443B-A635-8DC7B970C2E0@freebsd.org> To: "arch@" Mime-Version: 1.0 (Apple Message framework v1081) X-Mailer: Apple Mail (2.1081) Subject: Adapting FreeBSD to PSARC/2010/029. X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Oct 2010 19:12:00 -0000 Currently, NFSv4 ACLs support in FreeBSD adheres to a draft by Sam Falkner (it also complies with RFC3530, but that one leaves many things undefined). Semantics for both UFS and ZFS is exactly the same. With ZFS v28, the semantics has changed; see the link below for details: http://arc.opensolaris.org/caselog/PSARC/2010/029/20100126_mark.shellenbaum In short, the semantics is simplified - "weird stuff" no longer happens after chmod, entries don't get duplicated during inheritance, and trivial ACLs no longer contain three "DENY" entries, which is also more friendly to MS Windows. Patch below makes UFS comply with the new semantics instead of Falkner's draft. It's controlled by sysctl and disabled by default; to enable, set vfs.acl_nfs4_old_semantics to 0. Review is welcome. I'd like to commit it as soon as I finish writing regression tests, with the new semantics disabled by default. I plan to change the default after ZFS v28 gets committed to CURRENT, to keep UFS and ZFS in sync. http://people.freebsd.org/~trasz/acl-psarc-2.diff -- If you cut off my head, what would I say? Me and my head, or me and my body?