Re: [nfsv4] NFSv4 ACLs: ACE4_WRITE_ATTRIBUTES clarification

Next message: Halevy, Benny: "RE: [nfsv4] NFSv4 ACLs: {READ,WRITE}_NAMED_ATTRIBUTES"
Previous message: Lisa Week: "[nfsv4] NFSv4 ACLs: ACE4_WRITE_ATTRIBUTES clarification"
In reply to: Lisa Week: "[nfsv4] NFSv4 ACLs: ACE4_WRITE_ATTRIBUTES clarification"
Next in thread: J. Bruce Fields: "Re: [nfsv4] NFSv4 ACLs: ACE4_WRITE_ATTRIBUTES clarification"
Reply: J. Bruce Fields: "Re: [nfsv4] NFSv4 ACLs: ACE4_WRITE_ATTRIBUTES clarification"

bfields@fieldses.org

Date: Wed, 15 Dec 2004 14:43:34 -0500
Subject: Re: [nfsv4] NFSv4 ACLs: ACE4_WRITE_ATTRIBUTES clarification
Message-ID: <20041215194334.GC30441@fieldses.org>
From: "J. Bruce Fields" <bfields@fieldses.org>

So I think that the current proposal for how to use the 14 bits in v4
ace bitmasks when mapping between v4 and posix acls is this:

	Everyone is given READ_ATTRIBUTES | READ_ACL | SYNCHRONIZE.
	The owner is given WRITE_ATTRIBUTES | WRITE_ACL.

	Other bits depend on mode bits:

	r-> READ_DATA | READ_NAMED_ATTRS
	w-> WRITE_DATA | WRITE_NAMED_ATTRS | APPEND_DATA | DELETE_CHILD
	x-> EXECUTE

	DENY aces are given a bit mask that is the complement of
	the bit mask determined as above, except that we never set any
	bits not named in the protocol, and we never set the DELETE
	or WRITE_OWNER bits.

Have I gotten anything wrong in the description above?

The Linux implementation doesn't do WRITE_OWNER as above, so I intend to fix
that.  There's some disagreement over the {READ,WRITE}_ATTRIBUTES bits as no
one knows what they're for.  Also, I would rather treat SYNCHRONIZE like DELETE
and WRITE_OWNER, but the choice is somewhat arbitrary and allowing SYNCHRONIZE
is what everyone else is doing at this point and what Windows clients seem to
prefer as the default.

--b.

_______________________________________________
nfsv4 mailing list
nfsv4@ietf.org
https://www1.ietf.org/mailman/listinfo/nfsv4