* [PATCH 0/6] Allow nfs4-acl-tools to access 'dacl' and 'sacl' @ 2022-05-14 14:44 trondmy 2022-05-14 14:44 ` [PATCH 1/6] libnfs4acl: Add helpers to set the dacl and sacl trondmy ` (2 more replies) 0 siblings, 3 replies; 15+ messages in thread From: trondmy @ 2022-05-14 14:44 UTC (permalink / raw) To: Steve Dickson, J.Bruce Fields; +Cc: linux-nfs From: Trond Myklebust <trond.myklebust@hammerspace.com> The following patch set matches the kernel patches to allow access to the NFSv4.1 'dacl' and 'sacl' attributes. The current patches are very basic, adding support for encoding/decoding the new attributes only when the user specifies the '--dacl' or '--sacl' flags on the command line. Trond Myklebust (6): libnfs4acl: Add helpers to set the dacl and sacl libnfs4acl: Add support for the NFS4.1 ACE_INHERITED_ACE flag The NFSv41 DACL and SACL prepend an extra field to the acl nfs4_getacl: Add support for the --dacl and --sacl options nfs4_setacl: Add support for the --dacl and --sacl options Edit manpages to document the new --dacl, --sacl and inheritance features include/libacl_nfs4.h | 18 +++++++ include/nfs4.h | 6 +++ libnfs4acl/Makefile | 2 + libnfs4acl/acl_nfs4_copy_acl.c | 2 + libnfs4acl/acl_nfs4_xattr_load.c | 14 +++++- libnfs4acl/acl_nfs4_xattr_pack.c | 22 ++++++-- libnfs4acl/nfs4_ace_from_string.c | 3 ++ libnfs4acl/nfs4_get_ace_flags.c | 2 + libnfs4acl/nfs4_getacl.c | 84 +++++++++++++++++++++++++++++++ libnfs4acl/nfs4_new_acl.c | 1 + libnfs4acl/nfs4_setacl.c | 49 ++++++++++++++++++ man/man1/nfs4_getfacl.1 | 14 ++++++ man/man1/nfs4_setfacl.1 | 8 +++ man/man5/nfs4_acl.5 | 10 ++++ nfs4_getfacl/nfs4_getfacl.c | 73 ++++++++++++++++++++++++--- nfs4_setfacl/nfs4_setfacl.c | 67 ++++++++++++++++++++++-- 16 files changed, 359 insertions(+), 16 deletions(-) create mode 100644 libnfs4acl/nfs4_getacl.c create mode 100644 libnfs4acl/nfs4_setacl.c -- 2.36.1 ^ permalink raw reply [flat|nested] 15+ messages in thread
* [PATCH 1/6] libnfs4acl: Add helpers to set the dacl and sacl 2022-05-14 14:44 [PATCH 0/6] Allow nfs4-acl-tools to access 'dacl' and 'sacl' trondmy @ 2022-05-14 14:44 ` trondmy 2022-05-14 14:44 ` [PATCH 2/6] libnfs4acl: Add support for the NFS4.1 ACE_INHERITED_ACE flag trondmy 2022-05-15 1:59 ` [PATCH 0/6] Allow nfs4-acl-tools to access 'dacl' and 'sacl' J.Bruce Fields 2022-06-21 13:43 ` Steve Dickson 2 siblings, 1 reply; 15+ messages in thread From: trondmy @ 2022-05-14 14:44 UTC (permalink / raw) To: Steve Dickson, J.Bruce Fields; +Cc: linux-nfs From: Trond Myklebust <trond.myklebust@hammerspace.com> Add helper functions to set the NFSv4.1 dacl and sacl attributes. Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com> --- include/libacl_nfs4.h | 9 +++++ libnfs4acl/Makefile | 2 + libnfs4acl/nfs4_getacl.c | 83 ++++++++++++++++++++++++++++++++++++++++ libnfs4acl/nfs4_setacl.c | 49 ++++++++++++++++++++++++ 4 files changed, 143 insertions(+) create mode 100644 libnfs4acl/nfs4_getacl.c create mode 100644 libnfs4acl/nfs4_setacl.c diff --git a/include/libacl_nfs4.h b/include/libacl_nfs4.h index d3786c3fabdc..76bbe90af54d 100644 --- a/include/libacl_nfs4.h +++ b/include/libacl_nfs4.h @@ -123,6 +123,8 @@ /* NFS4 acl xattr name */ #define ACL_NFS4_XATTR "system.nfs4_acl" +#define DACL_NFS4_XATTR "system.nfs4_dacl" +#define SACL_NFS4_XATTR "system.nfs4_sacl" /* Macro for finding empty tailqs */ #define TAILQ_IS_EMPTY(head) (head.tqh_first == NULL) @@ -152,6 +154,13 @@ TAILQ_HEAD(ace_container_list_head, ace_container); /**** Public functions ****/ +extern struct nfs4_acl * nfs4_getacl(const char *path); +extern struct nfs4_acl * nfs4_getdacl(const char *path); +extern struct nfs4_acl * nfs4_getsacl(const char *path); +extern int nfs4_setacl(const char *path, struct nfs4_acl *acl); +extern int nfs4_setdacl(const char *path, struct nfs4_acl *acl); +extern int nfs4_setsacl(const char *path, struct nfs4_acl *acl); + /** Manipulation functions **/ extern int acl_nfs4_set_who(struct nfs4_ace*, int, char*); extern struct nfs4_acl * acl_nfs4_copy_acl(struct nfs4_acl *); diff --git a/libnfs4acl/Makefile b/libnfs4acl/Makefile index a598d4ee141f..556b59535e26 100644 --- a/libnfs4acl/Makefile +++ b/libnfs4acl/Makefile @@ -92,6 +92,8 @@ LIBACL_NFS4_CFILES = \ nfs4_get_ace_access.c \ nfs4_get_ace_flags.c \ nfs4_get_ace_type.c \ + nfs4_getacl.c \ + nfs4_setacl.c \ nfs4_insert_file_aces.c \ nfs4_insert_string_aces.c \ nfs4_free_acl.c \ diff --git a/libnfs4acl/nfs4_getacl.c b/libnfs4acl/nfs4_getacl.c new file mode 100644 index 000000000000..753ba9167459 --- /dev/null +++ b/libnfs4acl/nfs4_getacl.c @@ -0,0 +1,83 @@ +/* + * Copyright (c) 2022, Trond Myklebust <trond.myklebust@hammerspace.com> + * + * This code is free software; you can redistribute it and/or modify + * it under the terms of the GNU LESSER GENERAL PUBLIC LICENSE + * version 2.1 as published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU LESSER GENERAL PUBLIC LICENSE for more details. + */ + +#include <sys/types.h> +#include <config.h> +#ifdef HAVE_ATTR_XATTR_H +# include <attr/xattr.h> +#else +# ifdef HAVE_SYS_XATTR_H +# include <sys/xattr.h> +# endif +#endif +#include <sys/stat.h> +#include "libacl_nfs4.h" + +/* returns a newly-allocated struct nfs4_acl or NULL on error. */ +static struct nfs4_acl *nfs4_getacl_byname(const char *path, + const char *xattr_name) +{ + struct nfs4_acl *acl; + struct stat st; + void *buf; + ssize_t ret; + u32 iflags = NFS4_ACL_ISFILE; + + if (path == NULL || *path == 0) { + errno = EFAULT; + return NULL; + } + + /* find necessary buffer size */ + ret = getxattr(path, xattr_name, NULL, 0); + if (ret == -1) + goto err; + + buf = malloc(ret); + if (!buf) + goto err; + + /* reconstruct the ACL */ + ret = getxattr(path, xattr_name, buf, ret); + if (ret == -1) + goto err_free; + + ret = stat(path, &st); + if (ret == -1) + goto err_free; + + if (S_ISDIR(st.st_mode)) + iflags = NFS4_ACL_ISDIR; + + acl = acl_nfs4_xattr_load(buf, ret, iflags); + + free(buf); + return acl; +err_free: + free(buf); +err: + return NULL; +} + +struct nfs4_acl *nfs4_getacl(const char *path) +{ + return nfs4_getacl_byname(path, ACL_NFS4_XATTR); +} +struct nfs4_acl *nfs4_getdacl(const char *path) +{ + return nfs4_getacl_byname(path, DACL_NFS4_XATTR); +} +struct nfs4_acl *nfs4_getsacl(const char *path) +{ + return nfs4_getacl_byname(path, SACL_NFS4_XATTR); +} diff --git a/libnfs4acl/nfs4_setacl.c b/libnfs4acl/nfs4_setacl.c new file mode 100644 index 000000000000..298365ec67c5 --- /dev/null +++ b/libnfs4acl/nfs4_setacl.c @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2022, Trond Myklebust <trond.myklebust@hammerspace.com> + * + * This code is free software; you can redistribute it and/or modify + * it under the terms of the GNU LESSER GENERAL PUBLIC LICENSE + * version 2.1 as published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU LESSER GENERAL PUBLIC LICENSE for more details. + */ + +#include <sys/types.h> +#include <config.h> +#ifdef HAVE_ATTR_XATTR_H +# include <attr/xattr.h> +#else +# ifdef HAVE_SYS_XATTR_H +# include <sys/xattr.h> +# endif +#endif +#include "libacl_nfs4.h" + +static int nfs4_setacl_byname(const char *path, const char *xattr_name, + struct nfs4_acl *acl) +{ + char *xdrbuf = NULL; + int ret; + + ret = acl_nfs4_xattr_pack(acl, &xdrbuf); + if (ret != -1) + ret = setxattr(path, xattr_name, xdrbuf, ret, XATTR_REPLACE); + free(xdrbuf); + return ret; +} + +int nfs4_setacl(const char *path, struct nfs4_acl *acl) +{ + return nfs4_setacl_byname(path, ACL_NFS4_XATTR, acl); +} +int nfs4_setdacl(const char *path, struct nfs4_acl *acl) +{ + return nfs4_setacl_byname(path, DACL_NFS4_XATTR, acl); +} +int nfs4_setsacl(const char *path, struct nfs4_acl *acl) +{ + return nfs4_setacl_byname(path, SACL_NFS4_XATTR, acl); +} -- 2.36.1 ^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH 2/6] libnfs4acl: Add support for the NFS4.1 ACE_INHERITED_ACE flag 2022-05-14 14:44 ` [PATCH 1/6] libnfs4acl: Add helpers to set the dacl and sacl trondmy @ 2022-05-14 14:44 ` trondmy 2022-05-14 14:44 ` [PATCH 3/6] The NFSv41 DACL and SACL prepend an extra field to the acl trondmy 0 siblings, 1 reply; 15+ messages in thread From: trondmy @ 2022-05-14 14:44 UTC (permalink / raw) To: Steve Dickson, J.Bruce Fields; +Cc: linux-nfs From: Trond Myklebust <trond.myklebust@hammerspace.com> Use the letter 'I' to represent an inherited ACE. Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com> --- include/libacl_nfs4.h | 1 + include/nfs4.h | 1 + libnfs4acl/nfs4_ace_from_string.c | 3 +++ libnfs4acl/nfs4_get_ace_flags.c | 2 ++ nfs4_getfacl/nfs4_getfacl.c | 1 + 5 files changed, 8 insertions(+) diff --git a/include/libacl_nfs4.h b/include/libacl_nfs4.h index 76bbe90af54d..d54d82f94f97 100644 --- a/include/libacl_nfs4.h +++ b/include/libacl_nfs4.h @@ -54,6 +54,7 @@ #define FLAG_SUCCESSFUL_ACCESS 'S' #define FLAG_FAILED_ACCESS 'F' #define FLAG_GROUP 'g' +#define FLAG_INHERITED 'I' #define PERM_READ_DATA 'r' #define PERM_WRITE_DATA 'w' diff --git a/include/nfs4.h b/include/nfs4.h index da6eefb7fbc6..20bfa6b99634 100644 --- a/include/nfs4.h +++ b/include/nfs4.h @@ -62,6 +62,7 @@ #define NFS4_ACE_SUCCESSFUL_ACCESS_ACE_FLAG 0x00000010 #define NFS4_ACE_FAILED_ACCESS_ACE_FLAG 0x00000020 #define NFS4_ACE_IDENTIFIER_GROUP 0x00000040 +#define NFS4_ACE_INHERITED_ACE 0x00000080 #define NFS4_ACE_READ_DATA 0x00000001 #define NFS4_ACE_LIST_DIRECTORY 0x00000001 diff --git a/libnfs4acl/nfs4_ace_from_string.c b/libnfs4acl/nfs4_ace_from_string.c index ab8401ae0629..7f1315434435 100644 --- a/libnfs4acl/nfs4_ace_from_string.c +++ b/libnfs4acl/nfs4_ace_from_string.c @@ -209,6 +209,9 @@ struct nfs4_ace * nfs4_ace_from_string(char *ace_buf, int is_dir) case FLAG_GROUP: flags |= NFS4_ACE_IDENTIFIER_GROUP; break; + case FLAG_INHERITED: + flags |= NFS4_ACE_INHERITED_ACE; + break; default: fprintf(stderr,"Bad Ace Flag:%c\n", *field); goto out_free; diff --git a/libnfs4acl/nfs4_get_ace_flags.c b/libnfs4acl/nfs4_get_ace_flags.c index 1d28ed4b5196..1f27d17ad4cd 100644 --- a/libnfs4acl/nfs4_get_ace_flags.c +++ b/libnfs4acl/nfs4_get_ace_flags.c @@ -53,6 +53,8 @@ char* nfs4_get_ace_flags(struct nfs4_ace *ace, char *buf) *buf++ = FLAG_FAILED_ACCESS;; if (flags & NFS4_ACE_IDENTIFIER_GROUP) *buf++ = FLAG_GROUP; + if (flags & NFS4_ACE_INHERITED_ACE) + *buf++ = FLAG_INHERITED; *buf = '\0'; return bp; diff --git a/nfs4_getfacl/nfs4_getfacl.c b/nfs4_getfacl/nfs4_getfacl.c index e068095b0d6b..1222dd907c9e 100644 --- a/nfs4_getfacl/nfs4_getfacl.c +++ b/nfs4_getfacl/nfs4_getfacl.c @@ -170,6 +170,7 @@ static void more_help() " 'S' successful-access\n" " 'F' failed-access\n" " 'g' group (denotes that <principal> is a group)\n" + " 'I' inherited\n" "\n" " * <principal> - named user or group, or one of: \"OWNER@\", \"GROUP@\", \"EVERYONE@\"\n" "\n" -- 2.36.1 ^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH 3/6] The NFSv41 DACL and SACL prepend an extra field to the acl 2022-05-14 14:44 ` [PATCH 2/6] libnfs4acl: Add support for the NFS4.1 ACE_INHERITED_ACE flag trondmy @ 2022-05-14 14:44 ` trondmy 2022-05-14 14:44 ` [PATCH 4/6] nfs4_getacl: Add support for the --dacl and --sacl options trondmy 0 siblings, 1 reply; 15+ messages in thread From: trondmy @ 2022-05-14 14:44 UTC (permalink / raw) To: Steve Dickson, J.Bruce Fields; +Cc: linux-nfs From: Trond Myklebust <trond.myklebust@hammerspace.com> The ACL flags describe the inheritance mode of the acl: - AUTO_INHERIT - PROTECTED - DEFAULTED Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com> --- include/libacl_nfs4.h | 8 ++++++++ include/nfs4.h | 5 +++++ libnfs4acl/acl_nfs4_copy_acl.c | 2 ++ libnfs4acl/acl_nfs4_xattr_load.c | 14 +++++++++++++- libnfs4acl/acl_nfs4_xattr_pack.c | 22 +++++++++++++++++----- libnfs4acl/nfs4_getacl.c | 11 ++++++----- libnfs4acl/nfs4_new_acl.c | 1 + libnfs4acl/nfs4_setacl.c | 10 +++++----- 8 files changed, 57 insertions(+), 16 deletions(-) diff --git a/include/libacl_nfs4.h b/include/libacl_nfs4.h index d54d82f94f97..a486390ac170 100644 --- a/include/libacl_nfs4.h +++ b/include/libacl_nfs4.h @@ -142,6 +142,12 @@ typedef u_int32_t u32; +enum acl_type { + ACL_TYPE_ACL, + ACL_TYPE_DACL, + ACL_TYPE_SACL +}; + enum { ACL_NFS4_NOT_USED = 0, ACL_NFS4_USED }; @@ -166,7 +172,9 @@ extern int nfs4_setsacl(const char *path, struct nfs4_acl *acl); extern int acl_nfs4_set_who(struct nfs4_ace*, int, char*); extern struct nfs4_acl * acl_nfs4_copy_acl(struct nfs4_acl *); extern struct nfs4_acl * acl_nfs4_xattr_load(char *, int, u32); +extern struct nfs4_acl * acl_nfs41_xattr_load(char *, int, u32, enum acl_type); extern int acl_nfs4_xattr_pack(struct nfs4_acl *, char**); +extern int acl_nfs41_xattr_pack(struct nfs4_acl *, char**, enum acl_type); extern int acl_nfs4_xattr_size(struct nfs4_acl *); extern void nfs4_free_acl(struct nfs4_acl *); diff --git a/include/nfs4.h b/include/nfs4.h index 20bfa6b99634..d15482e8a720 100644 --- a/include/nfs4.h +++ b/include/nfs4.h @@ -55,6 +55,10 @@ #define ACL4_SUPPORT_AUDIT_ACL 0x04 #define ACL4_SUPPORT_ALARM_ACL 0x08 +#define NFS4_ACL_AUTO_INHERIT 0x00000001 +#define NFS4_ACL_PROTECTED 0x00000002 +#define NFS4_ACL_DEFAULTED 0x00000004 + #define NFS4_ACE_FILE_INHERIT_ACE 0x00000001 #define NFS4_ACE_DIRECTORY_INHERIT_ACE 0x00000002 #define NFS4_ACE_NO_PROPAGATE_INHERIT_ACE 0x00000004 @@ -126,6 +130,7 @@ struct nfs4_acl { u_int32_t naces; u_int32_t is_directory; struct ace_list_head ace_head; + u_int32_t aclflag; }; typedef struct { char data[NFS4_VERIFIER_SIZE]; } nfs4_verifier; diff --git a/libnfs4acl/acl_nfs4_copy_acl.c b/libnfs4acl/acl_nfs4_copy_acl.c index cf09173badc0..7a6d83b1ca64 100644 --- a/libnfs4acl/acl_nfs4_copy_acl.c +++ b/libnfs4acl/acl_nfs4_copy_acl.c @@ -54,6 +54,8 @@ struct nfs4_acl * acl_nfs4_copy_acl(struct nfs4_acl * acl) if (new_acl == NULL) goto failed; + new_acl->aclflag = acl->aclflag; + ace = nfs4_get_first_ace(acl); nace = 1; diff --git a/libnfs4acl/acl_nfs4_xattr_load.c b/libnfs4acl/acl_nfs4_xattr_load.c index 089a139142b1..c747e8dac225 100644 --- a/libnfs4acl/acl_nfs4_xattr_load.c +++ b/libnfs4acl/acl_nfs4_xattr_load.c @@ -38,7 +38,8 @@ #include "libacl_nfs4.h" -struct nfs4_acl * acl_nfs4_xattr_load(char *xattr_v, int xattr_size, u32 is_dir) +struct nfs4_acl *acl_nfs41_xattr_load(char *xattr_v, int xattr_size, u32 is_dir, + enum acl_type acl_type) { struct nfs4_acl *acl; struct nfs4_ace *ace; @@ -61,6 +62,12 @@ struct nfs4_acl * acl_nfs4_xattr_load(char *xattr_v, int xattr_size, u32 is_dir) return NULL; } + if (acl_type == ACL_TYPE_DACL || acl_type == ACL_TYPE_SACL) { + acl->aclflag = (u32)ntohl(*((u32*)(bufp))); + bufp += sizeof(u32); + bufs -= sizeof(u32); + } + /* Grab the number of aces in the acl */ num_aces = (u32)ntohl(*((u32*)(bufp))); @@ -180,3 +187,8 @@ err1: nfs4_free_acl(acl); return NULL; } + +struct nfs4_acl *acl_nfs4_xattr_load(char *xattr_v, int xattr_size, u32 is_dir) +{ + return acl_nfs41_xattr_load(xattr_v, xattr_size, is_dir, ACL_TYPE_ACL); +} diff --git a/libnfs4acl/acl_nfs4_xattr_pack.c b/libnfs4acl/acl_nfs4_xattr_pack.c index 7c281feed496..2bd3b1b1a229 100644 --- a/libnfs4acl/acl_nfs4_xattr_pack.c +++ b/libnfs4acl/acl_nfs4_xattr_pack.c @@ -37,11 +37,12 @@ #include "libacl_nfs4.h" #include <stdio.h> -int acl_nfs4_xattr_pack(struct nfs4_acl * acl, char** bufp) +int acl_nfs41_xattr_pack(struct nfs4_acl * acl, char** bufp, + enum acl_type acl_type) { struct nfs4_ace * ace; int buflen; - int rbuflen; + int rbuflen = 0; int num_aces; int ace_num; int wholen; @@ -58,6 +59,9 @@ int acl_nfs4_xattr_pack(struct nfs4_acl * acl, char** bufp) if (buflen < 0) goto failed; + if (acl_type == ACL_TYPE_DACL || acl_type == ACL_TYPE_SACL) + buflen += sizeof(u32); + *bufp = (char*) malloc(buflen); if (*bufp == NULL) { errno = ENOMEM; @@ -67,11 +71,17 @@ int acl_nfs4_xattr_pack(struct nfs4_acl * acl, char** bufp) p = *bufp; + if (acl_type == ACL_TYPE_DACL || acl_type == ACL_TYPE_SACL) { + *((u32*)p) = htonl(acl->aclflag); + rbuflen += sizeof(u32); + p += sizeof(u32); + } + num_aces = acl->naces; *((u32*)p) = htonl(num_aces); - rbuflen = sizeof(u32); + rbuflen += sizeof(u32); p += sizeof(u32); ace = nfs4_get_first_ace(acl); @@ -140,5 +150,7 @@ failed: return -1; } - - +int acl_nfs4_xattr_pack(struct nfs4_acl * acl, char** bufp) +{ + return acl_nfs41_xattr_pack(acl, bufp, ACL_TYPE_ACL); +} diff --git a/libnfs4acl/nfs4_getacl.c b/libnfs4acl/nfs4_getacl.c index 753ba9167459..7821da3885fe 100644 --- a/libnfs4acl/nfs4_getacl.c +++ b/libnfs4acl/nfs4_getacl.c @@ -25,7 +25,8 @@ /* returns a newly-allocated struct nfs4_acl or NULL on error. */ static struct nfs4_acl *nfs4_getacl_byname(const char *path, - const char *xattr_name) + const char *xattr_name, + enum acl_type type) { struct nfs4_acl *acl; struct stat st; @@ -59,7 +60,7 @@ static struct nfs4_acl *nfs4_getacl_byname(const char *path, if (S_ISDIR(st.st_mode)) iflags = NFS4_ACL_ISDIR; - acl = acl_nfs4_xattr_load(buf, ret, iflags); + acl = acl_nfs41_xattr_load(buf, ret, iflags, type); free(buf); return acl; @@ -71,13 +72,13 @@ err: struct nfs4_acl *nfs4_getacl(const char *path) { - return nfs4_getacl_byname(path, ACL_NFS4_XATTR); + return nfs4_getacl_byname(path, ACL_NFS4_XATTR, ACL_TYPE_ACL); } struct nfs4_acl *nfs4_getdacl(const char *path) { - return nfs4_getacl_byname(path, DACL_NFS4_XATTR); + return nfs4_getacl_byname(path, DACL_NFS4_XATTR, ACL_TYPE_DACL); } struct nfs4_acl *nfs4_getsacl(const char *path) { - return nfs4_getacl_byname(path, SACL_NFS4_XATTR); + return nfs4_getacl_byname(path, SACL_NFS4_XATTR, ACL_TYPE_SACL); } diff --git a/libnfs4acl/nfs4_new_acl.c b/libnfs4acl/nfs4_new_acl.c index 78d4c28e474b..0a5583af3bc5 100644 --- a/libnfs4acl/nfs4_new_acl.c +++ b/libnfs4acl/nfs4_new_acl.c @@ -50,6 +50,7 @@ nfs4_new_acl(u32 is_dir) acl->naces = 0; acl->is_directory = is_dir; + acl->aclflag = 0; TAILQ_INIT(&acl->ace_head); diff --git a/libnfs4acl/nfs4_setacl.c b/libnfs4acl/nfs4_setacl.c index 298365ec67c5..d68450220757 100644 --- a/libnfs4acl/nfs4_setacl.c +++ b/libnfs4acl/nfs4_setacl.c @@ -23,12 +23,12 @@ #include "libacl_nfs4.h" static int nfs4_setacl_byname(const char *path, const char *xattr_name, - struct nfs4_acl *acl) + struct nfs4_acl *acl, enum acl_type type) { char *xdrbuf = NULL; int ret; - ret = acl_nfs4_xattr_pack(acl, &xdrbuf); + ret = acl_nfs41_xattr_pack(acl, &xdrbuf, type); if (ret != -1) ret = setxattr(path, xattr_name, xdrbuf, ret, XATTR_REPLACE); free(xdrbuf); @@ -37,13 +37,13 @@ static int nfs4_setacl_byname(const char *path, const char *xattr_name, int nfs4_setacl(const char *path, struct nfs4_acl *acl) { - return nfs4_setacl_byname(path, ACL_NFS4_XATTR, acl); + return nfs4_setacl_byname(path, ACL_NFS4_XATTR, acl, ACL_TYPE_ACL); } int nfs4_setdacl(const char *path, struct nfs4_acl *acl) { - return nfs4_setacl_byname(path, DACL_NFS4_XATTR, acl); + return nfs4_setacl_byname(path, DACL_NFS4_XATTR, acl, ACL_TYPE_DACL); } int nfs4_setsacl(const char *path, struct nfs4_acl *acl) { - return nfs4_setacl_byname(path, SACL_NFS4_XATTR, acl); + return nfs4_setacl_byname(path, SACL_NFS4_XATTR, acl, ACL_TYPE_SACL); } -- 2.36.1 ^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH 4/6] nfs4_getacl: Add support for the --dacl and --sacl options 2022-05-14 14:44 ` [PATCH 3/6] The NFSv41 DACL and SACL prepend an extra field to the acl trondmy @ 2022-05-14 14:44 ` trondmy 2022-05-14 14:44 ` [PATCH 5/6] nfs4_setacl: " trondmy 0 siblings, 1 reply; 15+ messages in thread From: trondmy @ 2022-05-14 14:44 UTC (permalink / raw) To: Steve Dickson, J.Bruce Fields; +Cc: linux-nfs From: Trond Myklebust <trond.myklebust@hammerspace.com> Add support for the NFSv4.1 dacl and sacl attributes. Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com> --- nfs4_getfacl/nfs4_getfacl.c | 72 +++++++++++++++++++++++++++++++++---- 1 file changed, 65 insertions(+), 7 deletions(-) diff --git a/nfs4_getfacl/nfs4_getfacl.c b/nfs4_getfacl/nfs4_getfacl.c index 1222dd907c9e..954cf7edb19a 100644 --- a/nfs4_getfacl/nfs4_getfacl.c +++ b/nfs4_getfacl/nfs4_getfacl.c @@ -42,15 +42,30 @@ #include <ftw.h> #include <getopt.h> +#define OPT_DACL 0x98 +#define OPT_SACL 0x99 + static void usage(int); static void more_help(); static char *execname; -static void print_acl_from_path(); +static void print_acl_from_path(const char *, enum acl_type); static int ignore_comment = 0; -static int recursive(const char *fpath, const struct stat *sb, int tflag, struct FTW *ftwbuf) +static int print_acl(const char *fpath, const struct stat *sb, int tflag, struct FTW *ftwbuf) +{ + print_acl_from_path(fpath, ACL_TYPE_ACL); + return 0; +} + +static int print_dacl(const char *fpath, const struct stat *sb, int tflag, struct FTW *ftwbuf) { - print_acl_from_path(fpath); + print_acl_from_path(fpath, ACL_TYPE_DACL); + return 0; +} + +static int print_sacl(const char *fpath, const struct stat *sb, int tflag, struct FTW *ftwbuf) +{ + print_acl_from_path(fpath, ACL_TYPE_SACL); return 0; } @@ -59,6 +74,8 @@ static struct option long_options[] = { {"help", 0, 0, 'h' }, {"recursive", 0, 0, 'R' }, {"omit-header", 0, 0, 'c'}, + {"dacl", 0, 0, OPT_DACL}, + {"sacl", 0, 0, OPT_SACL}, { NULL, 0, 0, 0, }, }; @@ -66,6 +83,9 @@ int main(int argc, char **argv) { int opt, res = 1; int do_recursive = 0; + int (*recursive)(const char *fpath, const struct stat *sb, + int tflag, struct FTW *ftwbuf) = print_acl; + enum acl_type type = ACL_TYPE_ACL; execname = basename(argv[0]); @@ -88,6 +108,14 @@ int main(int argc, char **argv) case 'c': ignore_comment = 1; break; + case OPT_DACL: + type = ACL_TYPE_DACL; + recursive = print_dacl; + break; + case OPT_SACL: + type = ACL_TYPE_SACL; + recursive = print_sacl; + break; case 'h': usage(1); res = 0; @@ -111,23 +139,51 @@ int main(int argc, char **argv) printf("Invalid filename: %s\n", argv[optind]); } else - print_acl_from_path(argv[optind]); + print_acl_from_path(argv[optind], type); res = 0; } out: return res; } -static void print_acl_from_path(const char *fpath) +static void print_acl_from_path(const char *fpath, enum acl_type type) { struct nfs4_acl *acl; - acl = nfs4_acl_for_path(fpath); + + switch (type) { + case ACL_TYPE_ACL: + acl = nfs4_getacl(fpath); + break; + case ACL_TYPE_DACL: + acl = nfs4_getdacl(fpath); + break; + case ACL_TYPE_SACL: + acl = nfs4_getsacl(fpath); + break; + } + if (acl != NULL) { if (ignore_comment == 0) printf("# file: %s\n", fpath); nfs4_print_acl(stdout, acl); printf("\n"); nfs4_free_acl(acl); + } else { + switch (errno) { + case ENODATA: + fprintf(stderr,"Attribute not found on file: %s\n", + fpath); + break; + case EREMOTEIO: + fprintf(stderr,"An NFS server error occurred.\n"); + break; + case EOPNOTSUPP: + fprintf(stderr,"Operation to request attribute not " + "supported: %s\n", fpath); + break; + default: + perror("Failed operation"); + } } } @@ -142,7 +198,9 @@ static void usage(int label) " -H, --more-help display ACL format information\n" " -h, --help display this help text\n" " -R, --recursive recurse into subdirectories\n" - " -c, --omit-header Do not display the comment header (Do not print filename)\n"; + " -c, --omit-header Do not display the comment header (Do not print filename)\n" + " --dacl display the NFSv4.1 dacl\n" + " --sacl display the NFSv4.1 sacl\n"; fprintf(stderr, gfusage, execname); } -- 2.36.1 ^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH 5/6] nfs4_setacl: Add support for the --dacl and --sacl options 2022-05-14 14:44 ` [PATCH 4/6] nfs4_getacl: Add support for the --dacl and --sacl options trondmy @ 2022-05-14 14:44 ` trondmy 2022-05-14 14:44 ` [PATCH 6/6] Edit manpages to document the new --dacl, --sacl and inheritance features trondmy 0 siblings, 1 reply; 15+ messages in thread From: trondmy @ 2022-05-14 14:44 UTC (permalink / raw) To: Steve Dickson, J.Bruce Fields; +Cc: linux-nfs From: Trond Myklebust <trond.myklebust@hammerspace.com> Add support for the NFSv4.1 dacl and sacl attributes. Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com> --- nfs4_setfacl/nfs4_setfacl.c | 67 +++++++++++++++++++++++++++++++++++-- 1 file changed, 64 insertions(+), 3 deletions(-) diff --git a/nfs4_setfacl/nfs4_setfacl.c b/nfs4_setfacl/nfs4_setfacl.c index d0485ad53024..e5816085c8b0 100644 --- a/nfs4_setfacl/nfs4_setfacl.c +++ b/nfs4_setfacl/nfs4_setfacl.c @@ -79,6 +79,9 @@ #define EDITOR "vi" /* <- evangelism! */ #define u32 u_int32_t +#define OPT_DACL 0x98 +#define OPT_SACL 0x99 + static int apply_action(const char *, const struct stat *, int, struct FTW *); static int do_apply_action(const char *, const struct stat *); static int open_editor(const char *); @@ -110,6 +113,8 @@ static struct option long_options[] = { { "recursive", 0, 0, 'R' }, { "physical", 0, 0, 'P' }, { "logical", 0, 0, 'L' }, + { "dacl", 0, 0, OPT_DACL }, + { "sacl", 0, 0, OPT_SACL }, { NULL, 0, 0, 0, }, }; @@ -124,6 +129,8 @@ static char *mod_string; static char *from_ace; static char *to_ace; +static enum acl_type acl_type = ACL_TYPE_ACL; + /* XXX: things we need to handle: * * - we need some sort of 'purge' operation that completely clears an ACL. @@ -272,6 +279,13 @@ int main(int argc, char **argv) paths[numpaths++] = optarg; break; + case OPT_DACL: + acl_type = ACL_TYPE_DACL; + break; + case OPT_SACL: + acl_type = ACL_TYPE_SACL; + break; + case 'h': case '?': default: @@ -334,6 +348,50 @@ out: return err; } +static void nfs4_print_acl_error(const char *path) +{ + switch (errno) { + case ENODATA: + fprintf(stderr,"Attribute not found on file: %s\n", path); + break; + case EREMOTEIO: + fprintf(stderr,"An NFS server error occurred.\n"); + break; + case EOPNOTSUPP: + fprintf(stderr,"Operation to request attribute not supported: " + "%s\n", path); + break; + default: + perror("Failed operation"); + } +} + +static struct nfs4_acl *nfs4_retrieve_acl(const char *path, + enum acl_type type) +{ + switch (type) { + case ACL_TYPE_DACL: + return nfs4_getdacl(path); + case ACL_TYPE_SACL: + return nfs4_getsacl(path); + default: + return nfs4_getacl(path); + } +} + +static int nfs4_apply_acl(const char *path, struct nfs4_acl *acl, + enum acl_type type) +{ + switch (type) { + case ACL_TYPE_DACL: + return nfs4_setdacl(path, acl); + case ACL_TYPE_SACL: + return nfs4_setsacl(path, acl); + default: + return nfs4_setacl(path, acl); + } +} + /* returns 0 on success, nonzero on failure */ static int apply_action(const char *_path, const struct stat *stat, int flag, struct FTW *ftw) { @@ -378,7 +436,7 @@ static int do_apply_action(const char *path, const struct stat *_st) if (action == SUBSTITUTE_ACTION) acl = nfs4_new_acl(S_ISDIR(st->st_mode)); else - acl = nfs4_acl_for_path(path); + acl = nfs4_retrieve_acl(path, acl_type); if (acl == NULL) { fprintf(stderr, "Failed to instantiate ACL.\n"); @@ -438,8 +496,11 @@ static int do_apply_action(const char *path, const struct stat *_st) if (is_test) { fprintf(stderr, "## Test mode only - the resulting ACL for \"%s\": \n", path); nfs4_print_acl(stdout, acl); - } else - err = nfs4_set_acl(acl, path); + } else { + err = nfs4_apply_acl(path, acl, acl_type); + if (err == -1) + nfs4_print_acl_error(path); + } out: nfs4_free_acl(acl); -- 2.36.1 ^ permalink raw reply related [flat|nested] 15+ messages in thread
* [PATCH 6/6] Edit manpages to document the new --dacl, --sacl and inheritance features 2022-05-14 14:44 ` [PATCH 5/6] nfs4_setacl: " trondmy @ 2022-05-14 14:44 ` trondmy 0 siblings, 0 replies; 15+ messages in thread From: trondmy @ 2022-05-14 14:44 UTC (permalink / raw) To: Steve Dickson, J.Bruce Fields; +Cc: linux-nfs From: Trond Myklebust <trond.myklebust@hammerspace.com> Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com> --- man/man1/nfs4_getfacl.1 | 14 ++++++++++++++ man/man1/nfs4_setfacl.1 | 8 ++++++++ man/man5/nfs4_acl.5 | 10 ++++++++++ 3 files changed, 32 insertions(+) diff --git a/man/man1/nfs4_getfacl.1 b/man/man1/nfs4_getfacl.1 index 7cf7cbf2cd0b..2a618fc356f9 100644 --- a/man/man1/nfs4_getfacl.1 +++ b/man/man1/nfs4_getfacl.1 @@ -34,6 +34,20 @@ flag is specified, .B nfs4_getfacl will not display the comment header (Do not print filename). +If the +.BR --dacl +flag is specified, +.B nfs4_getfacl +will retrieve the dacl. This functionality is only available if +the server supports NFSv4 minor version 1 or newer. + +If the +.BR --sacl +flag is specified, +.B nfs4_getfacl +will retrieve the sacl. This functionality is only available if +the server supports NFSv4 minor version 1 or newer. + The output format for an NFSv4 file ACL, e.g., is: .RS .nf diff --git a/man/man1/nfs4_setfacl.1 b/man/man1/nfs4_setfacl.1 index 7144f0447ef9..47ab517c258c 100644 --- a/man/man1/nfs4_setfacl.1 +++ b/man/man1/nfs4_setfacl.1 @@ -101,6 +101,14 @@ in conjunction with in conjunction with .BR -R / --recursive ", a physical walk skips all symbolic links." .TP +.BR "--dacl" +acts on the dacl only. This functionality is only available if +the server supports NFSv4 minor version 1 or newer. +.TP +.BR "--sacl" +acts on the sacl only. This functionality is only available if +the server supports NFSv4 minor version 1 or newer. +.TP .BR --test display results of .BR COMMAND , diff --git a/man/man5/nfs4_acl.5 b/man/man5/nfs4_acl.5 index e0b2a0a57e8b..7036ab72bc35 100644 --- a/man/man5/nfs4_acl.5 +++ b/man/man5/nfs4_acl.5 @@ -125,6 +125,16 @@ group - indicates that .I principal represents a group instead of a user. .TP +.BR "INHERITED FLAG" " - can be used in any ACE" +.TP +.B I +inherited - indicates that the ACE was inherited from the parent directory. +This flag can only be used with the NFSv4.1 protocol or newer when using the +.BR --dacl +or +.BR --sacl +options. +.TP .BR "INHERITANCE FLAGS" " - can be used in any directory ACE" .TP .B d -- 2.36.1 ^ permalink raw reply related [flat|nested] 15+ messages in thread
* Re: [PATCH 0/6] Allow nfs4-acl-tools to access 'dacl' and 'sacl' 2022-05-14 14:44 [PATCH 0/6] Allow nfs4-acl-tools to access 'dacl' and 'sacl' trondmy 2022-05-14 14:44 ` [PATCH 1/6] libnfs4acl: Add helpers to set the dacl and sacl trondmy @ 2022-05-15 1:59 ` J.Bruce Fields 2022-05-15 3:23 ` Trond Myklebust 2022-06-21 13:43 ` Steve Dickson 2 siblings, 1 reply; 15+ messages in thread From: J.Bruce Fields @ 2022-05-15 1:59 UTC (permalink / raw) To: trondmy; +Cc: Steve Dickson, linux-nfs On Sat, May 14, 2022 at 10:44:30AM -0400, trondmy@kernel.org wrote: > From: Trond Myklebust <trond.myklebust@hammerspace.com> > > The following patch set matches the kernel patches to allow access to > the NFSv4.1 'dacl' and 'sacl' attributes. The current patches are very > basic, adding support for encoding/decoding the new attributes only when > the user specifies the '--dacl' or '--sacl' flags on the command line. Seems like a reasonable thing to do. I'd rather not be responsible for nfs4-acl-tools any longer, though. --b. > > Trond Myklebust (6): > libnfs4acl: Add helpers to set the dacl and sacl > libnfs4acl: Add support for the NFS4.1 ACE_INHERITED_ACE flag > The NFSv41 DACL and SACL prepend an extra field to the acl > nfs4_getacl: Add support for the --dacl and --sacl options > nfs4_setacl: Add support for the --dacl and --sacl options > Edit manpages to document the new --dacl, --sacl and inheritance > features > > include/libacl_nfs4.h | 18 +++++++ > include/nfs4.h | 6 +++ > libnfs4acl/Makefile | 2 + > libnfs4acl/acl_nfs4_copy_acl.c | 2 + > libnfs4acl/acl_nfs4_xattr_load.c | 14 +++++- > libnfs4acl/acl_nfs4_xattr_pack.c | 22 ++++++-- > libnfs4acl/nfs4_ace_from_string.c | 3 ++ > libnfs4acl/nfs4_get_ace_flags.c | 2 + > libnfs4acl/nfs4_getacl.c | 84 +++++++++++++++++++++++++++++++ > libnfs4acl/nfs4_new_acl.c | 1 + > libnfs4acl/nfs4_setacl.c | 49 ++++++++++++++++++ > man/man1/nfs4_getfacl.1 | 14 ++++++ > man/man1/nfs4_setfacl.1 | 8 +++ > man/man5/nfs4_acl.5 | 10 ++++ > nfs4_getfacl/nfs4_getfacl.c | 73 ++++++++++++++++++++++++--- > nfs4_setfacl/nfs4_setfacl.c | 67 ++++++++++++++++++++++-- > 16 files changed, 359 insertions(+), 16 deletions(-) > create mode 100644 libnfs4acl/nfs4_getacl.c > create mode 100644 libnfs4acl/nfs4_setacl.c > > -- > 2.36.1 ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [PATCH 0/6] Allow nfs4-acl-tools to access 'dacl' and 'sacl' 2022-05-15 1:59 ` [PATCH 0/6] Allow nfs4-acl-tools to access 'dacl' and 'sacl' J.Bruce Fields @ 2022-05-15 3:23 ` Trond Myklebust 2022-05-19 13:47 ` Steve Dickson 0 siblings, 1 reply; 15+ messages in thread From: Trond Myklebust @ 2022-05-15 3:23 UTC (permalink / raw) To: bfields, trondmy; +Cc: linux-nfs, SteveD On Sat, 2022-05-14 at 21:59 -0400, J.Bruce Fields wrote: > On Sat, May 14, 2022 at 10:44:30AM -0400, trondmy@kernel.org wrote: > > From: Trond Myklebust <trond.myklebust@hammerspace.com> > > > > The following patch set matches the kernel patches to allow access > > to > > the NFSv4.1 'dacl' and 'sacl' attributes. The current patches are > > very > > basic, adding support for encoding/decoding the new attributes only > > when > > the user specifies the '--dacl' or '--sacl' flags on the command > > line. > > Seems like a reasonable thing to do. > > I'd rather not be responsible for nfs4-acl-tools any longer, though. > > --b. I suspected that might be the case, but since you haven't made any announcements about anybody else taking over, I figured I'd start by sending these to you. So who should take over the nfs4-acl-tools maintainer role? Is that something Red Hat might be interested in doing, or should I volunteer to do it while we wait for somebody to get so fed up that they decide to step in? -- Trond Myklebust Linux NFS client maintainer, Hammerspace trond.myklebust@hammerspace.com ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [PATCH 0/6] Allow nfs4-acl-tools to access 'dacl' and 'sacl' 2022-05-15 3:23 ` Trond Myklebust @ 2022-05-19 13:47 ` Steve Dickson 2022-05-19 13:53 ` bfields 0 siblings, 1 reply; 15+ messages in thread From: Steve Dickson @ 2022-05-19 13:47 UTC (permalink / raw) To: Trond Myklebust, bfields, trondmy; +Cc: linux-nfs On 5/14/22 11:23 PM, Trond Myklebust wrote: > On Sat, 2022-05-14 at 21:59 -0400, J.Bruce Fields wrote: >> On Sat, May 14, 2022 at 10:44:30AM -0400, trondmy@kernel.org wrote: >>> From: Trond Myklebust <trond.myklebust@hammerspace.com> >>> >>> The following patch set matches the kernel patches to allow access >>> to >>> the NFSv4.1 'dacl' and 'sacl' attributes. The current patches are >>> very >>> basic, adding support for encoding/decoding the new attributes only >>> when >>> the user specifies the '--dacl' or '--sacl' flags on the command >>> line. >> >> Seems like a reasonable thing to do. >> >> I'd rather not be responsible for nfs4-acl-tools any longer, though. >> >> --b. > > I suspected that might be the case, but since you haven't made any > announcements about anybody else taking over, I figured I'd start by > sending these to you. > > So who should take over the nfs4-acl-tools maintainer role? Is that > something Red Hat might be interested in doing, or should I volunteer > to do it while we wait for somebody to get so fed up that they decide > to step in? > Yeah... it probably something we should take over.... I'll add these to my todo list... Where does the upstream repo live today? steved. ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [PATCH 0/6] Allow nfs4-acl-tools to access 'dacl' and 'sacl' 2022-05-19 13:47 ` Steve Dickson @ 2022-05-19 13:53 ` bfields 2022-05-19 18:52 ` Steve Dickson 0 siblings, 1 reply; 15+ messages in thread From: bfields @ 2022-05-19 13:53 UTC (permalink / raw) To: Steve Dickson; +Cc: Trond Myklebust, trondmy, linux-nfs On Thu, May 19, 2022 at 09:47:41AM -0400, Steve Dickson wrote: > > > On 5/14/22 11:23 PM, Trond Myklebust wrote: > >On Sat, 2022-05-14 at 21:59 -0400, J.Bruce Fields wrote: > >>On Sat, May 14, 2022 at 10:44:30AM -0400, trondmy@kernel.org wrote: > >>>From: Trond Myklebust <trond.myklebust@hammerspace.com> > >>> > >>>The following patch set matches the kernel patches to allow access > >>>to > >>>the NFSv4.1 'dacl' and 'sacl' attributes. The current patches are > >>>very > >>>basic, adding support for encoding/decoding the new attributes only > >>>when > >>>the user specifies the '--dacl' or '--sacl' flags on the command > >>>line. > >> > >>Seems like a reasonable thing to do. > >> > >>I'd rather not be responsible for nfs4-acl-tools any longer, though. > >> > >>--b. > > > >I suspected that might be the case, but since you haven't made any > >announcements about anybody else taking over, I figured I'd start by > >sending these to you. > > > >So who should take over the nfs4-acl-tools maintainer role? Is that > >something Red Hat might be interested in doing, or should I volunteer > >to do it while we wait for somebody to get so fed up that they decide > >to step in? > > > Yeah... it probably something we should take over.... > > I'll add these to my todo list... Where does the upstream repo > live today? The Fedora rpm package points to my repo on linux-nfs. So you can just clone that and update the spec files to point at your repo. --b. ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [PATCH 0/6] Allow nfs4-acl-tools to access 'dacl' and 'sacl' 2022-05-19 13:53 ` bfields @ 2022-05-19 18:52 ` Steve Dickson 2022-05-19 19:01 ` bfields 0 siblings, 1 reply; 15+ messages in thread From: Steve Dickson @ 2022-05-19 18:52 UTC (permalink / raw) To: bfields; +Cc: Trond Myklebust, trondmy, linux-nfs On 5/19/22 9:53 AM, bfields@fieldses.org wrote: > On Thu, May 19, 2022 at 09:47:41AM -0400, Steve Dickson wrote: >> >> >> On 5/14/22 11:23 PM, Trond Myklebust wrote: >>> On Sat, 2022-05-14 at 21:59 -0400, J.Bruce Fields wrote: >>>> On Sat, May 14, 2022 at 10:44:30AM -0400, trondmy@kernel.org wrote: >>>>> From: Trond Myklebust <trond.myklebust@hammerspace.com> >>>>> >>>>> The following patch set matches the kernel patches to allow access >>>>> to >>>>> the NFSv4.1 'dacl' and 'sacl' attributes. The current patches are >>>>> very >>>>> basic, adding support for encoding/decoding the new attributes only >>>>> when >>>>> the user specifies the '--dacl' or '--sacl' flags on the command >>>>> line. >>>> >>>> Seems like a reasonable thing to do. >>>> >>>> I'd rather not be responsible for nfs4-acl-tools any longer, though. >>>> >>>> --b. >>> >>> I suspected that might be the case, but since you haven't made any >>> announcements about anybody else taking over, I figured I'd start by >>> sending these to you. >>> >>> So who should take over the nfs4-acl-tools maintainer role? Is that >>> something Red Hat might be interested in doing, or should I volunteer >>> to do it while we wait for somebody to get so fed up that they decide >>> to step in? >>> >> Yeah... it probably something we should take over.... >> >> I'll add these to my todo list... Where does the upstream repo >> live today? There is now a new nfs4-acl-tools repo [1] that I will start using for this patch set. You might want to disable the old repo. Also the links on the main page of linux-nfs.org [2] will need to point to [1]. I guess I don't have an account on that box, so I can not make that change. steved. [1] git://git.linux-nfs.org/~steved/nfs4-acl-tools.git [2] http://linux-nfs.org/wiki/index.php/Main_Page ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [PATCH 0/6] Allow nfs4-acl-tools to access 'dacl' and 'sacl' 2022-05-19 18:52 ` Steve Dickson @ 2022-05-19 19:01 ` bfields 0 siblings, 0 replies; 15+ messages in thread From: bfields @ 2022-05-19 19:01 UTC (permalink / raw) To: Steve Dickson; +Cc: Trond Myklebust, trondmy, linux-nfs On Thu, May 19, 2022 at 02:52:25PM -0400, Steve Dickson wrote: > Also the links on the main page of linux-nfs.org [2] > will need to point to [1]. I guess I don't have an > account on that box, so I can not make that change. https://wiki.linux-nfs.org/wiki/index.php/Special:RequestAccount --b. ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [PATCH 0/6] Allow nfs4-acl-tools to access 'dacl' and 'sacl' 2022-05-14 14:44 [PATCH 0/6] Allow nfs4-acl-tools to access 'dacl' and 'sacl' trondmy 2022-05-14 14:44 ` [PATCH 1/6] libnfs4acl: Add helpers to set the dacl and sacl trondmy 2022-05-15 1:59 ` [PATCH 0/6] Allow nfs4-acl-tools to access 'dacl' and 'sacl' J.Bruce Fields @ 2022-06-21 13:43 ` Steve Dickson 2022-06-21 13:58 ` J.Bruce Fields 2 siblings, 1 reply; 15+ messages in thread From: Steve Dickson @ 2022-06-21 13:43 UTC (permalink / raw) To: trondmy, J.Bruce Fields; +Cc: linux-nfs On 5/14/22 10:44 AM, trondmy@kernel.org wrote: > From: Trond Myklebust <trond.myklebust@hammerspace.com> > > The following patch set matches the kernel patches to allow access to > the NFSv4.1 'dacl' and 'sacl' attributes. The current patches are very > basic, adding support for encoding/decoding the new attributes only when > the user specifies the '--dacl' or '--sacl' flags on the command line. > > Trond Myklebust (6): > libnfs4acl: Add helpers to set the dacl and sacl > libnfs4acl: Add support for the NFS4.1 ACE_INHERITED_ACE flag > The NFSv41 DACL and SACL prepend an extra field to the acl > nfs4_getacl: Add support for the --dacl and --sacl options > nfs4_setacl: Add support for the --dacl and --sacl options > Edit manpages to document the new --dacl, --sacl and inheritance > features > > include/libacl_nfs4.h | 18 +++++++ > include/nfs4.h | 6 +++ > libnfs4acl/Makefile | 2 + > libnfs4acl/acl_nfs4_copy_acl.c | 2 + > libnfs4acl/acl_nfs4_xattr_load.c | 14 +++++- > libnfs4acl/acl_nfs4_xattr_pack.c | 22 ++++++-- > libnfs4acl/nfs4_ace_from_string.c | 3 ++ > libnfs4acl/nfs4_get_ace_flags.c | 2 + > libnfs4acl/nfs4_getacl.c | 84 +++++++++++++++++++++++++++++++ > libnfs4acl/nfs4_new_acl.c | 1 + > libnfs4acl/nfs4_setacl.c | 49 ++++++++++++++++++ > man/man1/nfs4_getfacl.1 | 14 ++++++ > man/man1/nfs4_setfacl.1 | 8 +++ > man/man5/nfs4_acl.5 | 10 ++++ > nfs4_getfacl/nfs4_getfacl.c | 73 ++++++++++++++++++++++++--- > nfs4_setfacl/nfs4_setfacl.c | 67 ++++++++++++++++++++++-- > 16 files changed, 359 insertions(+), 16 deletions(-) > create mode 100644 libnfs4acl/nfs4_getacl.c > create mode 100644 libnfs4acl/nfs4_setacl.c > My apologies this took so long.... Committed (tag: nfs4-acl-tools-0.4.1-rc) steved. ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [PATCH 0/6] Allow nfs4-acl-tools to access 'dacl' and 'sacl' 2022-06-21 13:43 ` Steve Dickson @ 2022-06-21 13:58 ` J.Bruce Fields 0 siblings, 0 replies; 15+ messages in thread From: J.Bruce Fields @ 2022-06-21 13:58 UTC (permalink / raw) To: Steve Dickson; +Cc: trondmy, linux-nfs Thanks!--b. On Tue, Jun 21, 2022 at 09:43:44AM -0400, Steve Dickson wrote: > > > On 5/14/22 10:44 AM, trondmy@kernel.org wrote: > >From: Trond Myklebust <trond.myklebust@hammerspace.com> > > > >The following patch set matches the kernel patches to allow access to > >the NFSv4.1 'dacl' and 'sacl' attributes. The current patches are very > >basic, adding support for encoding/decoding the new attributes only when > >the user specifies the '--dacl' or '--sacl' flags on the command line. > > > >Trond Myklebust (6): > > libnfs4acl: Add helpers to set the dacl and sacl > > libnfs4acl: Add support for the NFS4.1 ACE_INHERITED_ACE flag > > The NFSv41 DACL and SACL prepend an extra field to the acl > > nfs4_getacl: Add support for the --dacl and --sacl options > > nfs4_setacl: Add support for the --dacl and --sacl options > > Edit manpages to document the new --dacl, --sacl and inheritance > > features > > > > include/libacl_nfs4.h | 18 +++++++ > > include/nfs4.h | 6 +++ > > libnfs4acl/Makefile | 2 + > > libnfs4acl/acl_nfs4_copy_acl.c | 2 + > > libnfs4acl/acl_nfs4_xattr_load.c | 14 +++++- > > libnfs4acl/acl_nfs4_xattr_pack.c | 22 ++++++-- > > libnfs4acl/nfs4_ace_from_string.c | 3 ++ > > libnfs4acl/nfs4_get_ace_flags.c | 2 + > > libnfs4acl/nfs4_getacl.c | 84 +++++++++++++++++++++++++++++++ > > libnfs4acl/nfs4_new_acl.c | 1 + > > libnfs4acl/nfs4_setacl.c | 49 ++++++++++++++++++ > > man/man1/nfs4_getfacl.1 | 14 ++++++ > > man/man1/nfs4_setfacl.1 | 8 +++ > > man/man5/nfs4_acl.5 | 10 ++++ > > nfs4_getfacl/nfs4_getfacl.c | 73 ++++++++++++++++++++++++--- > > nfs4_setfacl/nfs4_setfacl.c | 67 ++++++++++++++++++++++-- > > 16 files changed, 359 insertions(+), 16 deletions(-) > > create mode 100644 libnfs4acl/nfs4_getacl.c > > create mode 100644 libnfs4acl/nfs4_setacl.c > > > My apologies this took so long.... > > Committed (tag: nfs4-acl-tools-0.4.1-rc) > > steved. ^ permalink raw reply [flat|nested] 15+ messages in thread
end of thread, other threads:[~2022-06-21 13:58 UTC | newest] Thread overview: 15+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2022-05-14 14:44 [PATCH 0/6] Allow nfs4-acl-tools to access 'dacl' and 'sacl' trondmy 2022-05-14 14:44 ` [PATCH 1/6] libnfs4acl: Add helpers to set the dacl and sacl trondmy 2022-05-14 14:44 ` [PATCH 2/6] libnfs4acl: Add support for the NFS4.1 ACE_INHERITED_ACE flag trondmy 2022-05-14 14:44 ` [PATCH 3/6] The NFSv41 DACL and SACL prepend an extra field to the acl trondmy 2022-05-14 14:44 ` [PATCH 4/6] nfs4_getacl: Add support for the --dacl and --sacl options trondmy 2022-05-14 14:44 ` [PATCH 5/6] nfs4_setacl: " trondmy 2022-05-14 14:44 ` [PATCH 6/6] Edit manpages to document the new --dacl, --sacl and inheritance features trondmy 2022-05-15 1:59 ` [PATCH 0/6] Allow nfs4-acl-tools to access 'dacl' and 'sacl' J.Bruce Fields 2022-05-15 3:23 ` Trond Myklebust 2022-05-19 13:47 ` Steve Dickson 2022-05-19 13:53 ` bfields 2022-05-19 18:52 ` Steve Dickson 2022-05-19 19:01 ` bfields 2022-06-21 13:43 ` Steve Dickson 2022-06-21 13:58 ` J.Bruce Fields
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.