Date: Tue, 12 Jun 2012 15:47:04 +0200 From: Marc Peters <marc@mpeters.org> To: freebsd-fs@freebsd.org Subject: ZFS deletes ACLs when root edits a file Message-ID: <4FD74858.6070705@mpeters.org>
next in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi list, i observed a strange behaviour when using ACLs on a ZFS filesystem. When a file has ACLs set and is edited by a user, the ACLs get lost when the file is edited and saved. How to repeat: > mount /dev/aacd0s1a on / (ufs, local) devfs on /dev (devfs, local, multilabel) /dev/aacd0s1d on /var (ufs, local, soft-updates) appdata on /appdata (zfs, local, nfsv4acls) /dev/md0 on /appdata/www/cache (ufs, local, soft-updates) > ls -al total 3 drwxr-xr-x 2 mpeters wheel 2 Jun 12 15:31 . drwxr-xr-x 5 root wheel 5 Jun 12 15:29 .. > touch test.file ls -al total 4 drwxr-xr-x 2 mpeters wheel 3 Jun 12 15:32 . drwxr-xr-x 5 root wheel 5 Jun 12 15:29 .. - -rw-r--r-- 1 mpeters wheel 0 Jun 12 15:32 test.file > getfacl test.file # file: test.file # owner: mpeters # group: wheel owner@:rw-p--aARWcCos:------:allow group@:r-----a-R-c--s:------:allow everyone@:r-----a-R-c--s:------:allow > setfacl -m user:nobody:rwx::allow test.file ls -al total 4 drwxr-xr-x 2 mpeters wheel 3 Jun 12 15:32 . drwxr-xr-x 5 root wheel 5 Jun 12 15:29 .. - -rw-r--r--+ 1 mpeters wheel 0 Jun 12 15:32 test.file > getfacl test.file # file: test.file # owner: mpeters # group: wheel user:nobody:rwx-----------:------:allow owner@:rw-p--aARWcCos:------:allow group@:r-----a-R-c--s:------:allow everyone@:r-----a-R-c--s:------:allow > vim test.file (do some editing here) "test.file" 2 lines, 12 characters written > ls -al total 4 drwxr-xr-x 2 mpeters wheel 3 Jun 12 15:35 . drwxr-xr-x 5 root wheel 5 Jun 12 15:29 .. - -rw-r--r-- 1 mpeters wheel 12 Jun 12 15:35 test.file > getfacl test.file # file: test.file # owner: mpeters # group: wheel owner@:rw-p--aARWcCos:------:allow group@:r-----a-R-c--s:------:allow everyone@:r-----a-R-c--s:------:allow As you can see, the ACL for user nobody is gone. Is this behaviour intended? Regards, marc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk/XSFgACgkQCnBgS+kUGEvTGwCfSmSE31TK4cHAcs3eXdiHLwDR ofIAoJqO2A+LyIhA17YsNnWz2Z3lTogo =UcvA -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FD74858.6070705>