Date: Tue, 5 Aug 2003 10:46:47 -0400 (EDT) From: Robert Watson <rwatson@freebsd.org> To: "Scott M. Likens" <damm@infinitevoid.net> Cc: current@freebsd.org Subject: Re: ACLS on UFS2 from FreeBSD 5.1-RELEASE install. Message-ID: <Pine.NEB.3.96L.1030805104220.11763C-100000@fledge.watson.org> In-Reply-To: <1059854534.46751.0.camel@acheron.livid.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2 Aug 2003, Scott M. Likens wrote: > Has anyone noticed the ACLS being disabled? > > tunefs -p /dev/da1s1c shows that ACLS are disabled on every partition I > have, i've gone through them all. > > any reason why? Yes -- they are disabled by default because they're not required by most users, and as a new (and slightly experimental) feature, involve a slightly greater risk of problems. I believe I added support to sysinstall to enable ACLs during the partition process; if not, you can enable them later using tunefs. One of the difficulties associated with ACLs is that not all applications understand them -- while the failure mode is predictable and relatively clean, it means that you may sometimes lose ACLs on objects when they are replaced by an application without ACL support. For example, some applications will move a file out of the way and create a new copy when updating a file -- if they don't understand ACLs, they can't propagate the ACL from the old object to the new object. Also, several of the base system utilities (such as mv) don't currently propagate ACLs. I hope to fix up a number of them for 5.3, but I suspect we'll bump into such programs once in a while as we move forwards. Most of the performance loss associated with ACLs on UFS1 have been eliminated through UFS2, which is a point in favor of enabling ACLs by default. Once they've settled for some time and the feedback is all looking good, we might choose to enable them by default. Disabling by default is consistent with several other systems also supporting ACLs. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1030805104220.11763C-100000>