From nobody Tue Feb 20 14:58:07 2024 X-Original-To: bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TfMwJ0wzCz5CC1c for ; Tue, 20 Feb 2024 14:58:08 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TfMwH3rH7z3x7P for ; Tue, 20 Feb 2024 14:58:07 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1708441087; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=7+2UdGebhuZwCd2dE0bEokZk7zxXat1B6M0Dw+74yIE=; b=YmDufLbHnejez9be4zJ6+Hvhu2UThQYaOAC2/cm7GImypuGtdmBLMzFbmsioDIkDoCrFa5 /HmGmO5rBUzvVrkShGAKhvZ6obWV9E+uv/y2kvDh5xR0oEGKLIXqTVbRDTzw0ISfDDxvPQ zofSWoZPhZp+G/7kd7aJRYScpFmrDooK4bs8mWLk+ZfmYpZwijVkdx+HjCXyFad09egpoA cZdrrLkjQlM4LzdHvYkIhhZ6dFy2J7lc76y4BpP2wLc3l4g/pkmbP27Sejgohl2ZgwAbxk OON/czXacgqG1/cSqvJ0SIB1iyE9U4HWkfBYYdcwJkuH4P6uPXZztWJRKcNj+w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1708441087; a=rsa-sha256; cv=none; b=I+yPmuPV7xcGVM8GSmT4Wqs+J8B4s66A1su0oV46xngmRq8ARoxMSfdHqKERr1xONmTET8 pO3rTJpXbWq8xDJBGxj0th9nuRUydJGQQv8norBFdWc0Ph0cmmDEGqq+w2YxxTcPpINIpp 4wuUidSRaSPLKu3RZmx2bUEIu4KPiPDOPciUd4XrOtenCyEtj+M1FE2vgc9g3gIgiV2N7q YRHZJy4c093X8y2ylTccmFWzDznHT2eH2ySidd/TS8QbAPqOZkjol89wPlcry/KFRToy7M If/j+8lajYh1PtH6yrffQE0R5YR0H3+ywPDynZRJQ84ku9jvwssXsjtzqhDuew== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TfMwH2dNfzMrZ for ; Tue, 20 Feb 2024 14:58:07 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 41KEw7vr023671 for ; Tue, 20 Feb 2024 14:58:07 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 41KEw7H4023670 for bugs@FreeBSD.org; Tue, 20 Feb 2024 14:58:07 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 277193] NFSv4 ACLs are not inherited when moving file Date: Tue, 20 Feb 2024 14:58:07 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: misc X-Bugzilla-Version: 13.2-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: technik@evin-ev.de X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-bugs@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277193 Bug ID: 277193 Summary: NFSv4 ACLs are not inherited when moving file Product: Base System Version: 13.2-STABLE Hardware: amd64 OS: Any Status: New Severity: Affects Only Me Priority: --- Component: misc Assignee: bugs@FreeBSD.org Reporter: technik@evin-ev.de I'm using NFSv4 ACLs in a ZFS dataset. The dataset "zroot/srv/files/myshare" has been created like this: zfs create -o mountpoint=3D/srv/files -o aclmode=3Drestricted zroot/srv/fil= es zfs create -o mountpoint=3D/srv/files/myshare -o aclmode=3Drestricted -o aclinherit=3Dpassthrough-x zroot/srv/files/myshare When I set ACEs with inheritance flags on a directory, I expect files or directories transferred there to inherit those ACEs. For examples, consider= the directories A and B with the following ACEs: # file: /srv/files/myshare/A # owner: root # group: wheel user:alice:rwx--daARWc--s:fd-----:allow owner@:rwxp-daARWc--s:fd-----:allow group@:------a-R-c--s:fd-----:allow everyone@:------a-R-c--s:fd-----:allow # file: /srv/files/myshare/B # owner: root # group: wheel user:bob:rwx--daARWc--s:fd-----:allow owner@:rwxp-daARWc--s:fd-----:allow group@:------a-R-c--s:fd-----:allow everyone@:------a-R-c--s:fd-----:allow Creating a file A/test.txt will inherit the ACEs correctly to that file: # file: /srv/files/myshare/A/test.txt # owner: root # group: wheel user:alice:rw---daARWc--s:------I:allow owner@:rw-p-daARWc--s:------I:allow group@:------a-R-c--s:------I:allow everyone@:------a-R-c--s:------I:allow When moving the file over to B (cp /srv/files/myshare/A/test.txt /srv/files/myshare/B/) I expect it to inherit B's ACEs, but it doesn't. Ins= tead A's ACEs are preserved: # file: /srv/files/myshare/B/test.txt # owner: root # group: wheel user:alice:rw---daARWc--s:------I:allow owner@:rw-p-daARWc--s:------I:allow group@:------a-R-c--s:------I:allow everyone@:------a-R-c--s:------I:allow This makes the file unaccessible for Bob even though he has read/write acce= ss on the directory B. Am I doing something wrong or is this a bug? Note that when copying instead of moving the file, inheritance works as expected. --=20 You are receiving this mail because: You are the assignee for the bug.=