From owner-freebsd-fs@FreeBSD.ORG Tue Jun 12 13:54:28 2012 Return-Path: Delivered-To: freebsd-fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 01C69106564A for ; Tue, 12 Jun 2012 13:54:28 +0000 (UTC) (envelope-from marc@mpeters.org) Received: from mail.mpeters.org (mail.mpeters.org [78.46.104.142]) by mx1.freebsd.org (Postfix) with ESMTP id AE8C58FC27 for ; Tue, 12 Jun 2012 13:54:27 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.mpeters.org (Postfix) with ESMTP id EDA5513203D for ; Tue, 12 Jun 2012 15:47:06 +0200 (CEST) X-Virus-Scanned: amavisd-new at mpeters.org Received: from mail.mpeters.org ([127.0.0.1]) by localhost (mail.mpeters.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eKB_jApvgqDa for ; Tue, 12 Jun 2012 15:47:05 +0200 (CEST) Received: from [192.168.0.204] (unknown [62.159.86.18]) by mail.mpeters.org (Postfix) with ESMTPSA id 27CCC132038 for ; Tue, 12 Jun 2012 15:47:05 +0200 (CEST) Message-ID: <4FD74858.6070705@mpeters.org> Date: Tue, 12 Jun 2012 15:47:04 +0200 From: Marc Peters User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.4) Gecko/20120513 Thunderbird/10.0.4 MIME-Version: 1.0 To: freebsd-fs@freebsd.org X-Enigmail-Version: 1.3.5 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: ZFS deletes ACLs when root edits a file X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Jun 2012 13:54:28 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi list, i observed a strange behaviour when using ACLs on a ZFS filesystem. When a file has ACLs set and is edited by a user, the ACLs get lost when the file is edited and saved. How to repeat: > mount /dev/aacd0s1a on / (ufs, local) devfs on /dev (devfs, local, multilabel) /dev/aacd0s1d on /var (ufs, local, soft-updates) appdata on /appdata (zfs, local, nfsv4acls) /dev/md0 on /appdata/www/cache (ufs, local, soft-updates) > ls -al total 3 drwxr-xr-x 2 mpeters wheel 2 Jun 12 15:31 . drwxr-xr-x 5 root wheel 5 Jun 12 15:29 .. > touch test.file ls -al total 4 drwxr-xr-x 2 mpeters wheel 3 Jun 12 15:32 . drwxr-xr-x 5 root wheel 5 Jun 12 15:29 .. - -rw-r--r-- 1 mpeters wheel 0 Jun 12 15:32 test.file > getfacl test.file # file: test.file # owner: mpeters # group: wheel owner@:rw-p--aARWcCos:------:allow group@:r-----a-R-c--s:------:allow everyone@:r-----a-R-c--s:------:allow > setfacl -m user:nobody:rwx::allow test.file ls -al total 4 drwxr-xr-x 2 mpeters wheel 3 Jun 12 15:32 . drwxr-xr-x 5 root wheel 5 Jun 12 15:29 .. - -rw-r--r--+ 1 mpeters wheel 0 Jun 12 15:32 test.file > getfacl test.file # file: test.file # owner: mpeters # group: wheel user:nobody:rwx-----------:------:allow owner@:rw-p--aARWcCos:------:allow group@:r-----a-R-c--s:------:allow everyone@:r-----a-R-c--s:------:allow > vim test.file (do some editing here) "test.file" 2 lines, 12 characters written > ls -al total 4 drwxr-xr-x 2 mpeters wheel 3 Jun 12 15:35 . drwxr-xr-x 5 root wheel 5 Jun 12 15:29 .. - -rw-r--r-- 1 mpeters wheel 12 Jun 12 15:35 test.file > getfacl test.file # file: test.file # owner: mpeters # group: wheel owner@:rw-p--aARWcCos:------:allow group@:r-----a-R-c--s:------:allow everyone@:r-----a-R-c--s:------:allow As you can see, the ACL for user nobody is gone. Is this behaviour intended? Regards, marc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk/XSFgACgkQCnBgS+kUGEvTGwCfSmSE31TK4cHAcs3eXdiHLwDR ofIAoJqO2A+LyIhA17YsNnWz2Z3lTogo =UcvA -----END PGP SIGNATURE-----