linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Anton Altaparmakov <aia21@cam.ac.uk>
To: Hans Reiser <reiser@namesys.com>
Cc: "Stephen C. Tweedie" <sct@redhat.com>,
	Nathan Scott <nathans@sgi.com>,
	Andreas Gruenbacher <ag@bestbits.at>,
	linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
	linux-xfs@oss.sgi.com, Nikita Danilov <god@namesys.com>
Subject: Re: [PATCH] Revised extended attributes interface
Date: Tue, 11 Dec 2001 18:46:43 +0000	[thread overview]
Message-ID: <5.1.0.14.2.20011211184344.04adc9d0@pop.cus.cam.ac.uk> (raw)
In-Reply-To: <3C164F31.7080404@namesys.com>
In-Reply-To: <20011205143209.C44610@wobbly.melbourne.sgi.com> <20011207202036.J2274@redhat.com> <20011208155841.A56289@wobbly.melbourne.sgi.com> <20011210115209.C1919@redhat.com> <20011211124115.E70201@wobbly.melbourne.sgi.com> <20011211134758.F2268@redhat.com>

At 18:23 11/12/01, Hans Reiser wrote:
>Stephen C. Tweedie wrote:
>The proposal defines two "families" of attribute entities: attribute
>>families and name families.
>>
>>An attribute family might be ATR_USER or ATR_SYSTEM to specify that we
>>are dealing with arbitrary user or system named extended attributes,
>>or ATR_POSIXACL to specify POSIX-semantics ACLs.  Obviously, this can
>>be extended to other ACL semantics without revving the API --- a new
>>attribute family would be all that is needed.
>>
>>The "name family" is the other part of the equation.  Attributes in
>>the ATR_USER or ATR_SYSTEM families might be named with counted
>>strings, so they would have names in the ANAME_STRING name family.
>>POSIX ACLs, however, have a different namespace: ANAME_UID or
>>ANAME_GID.  The API cleanly deals with the difference between user and
>>group ACLs.  It also makes it easy to add support later on for more
>>complex operations: if we want to add NT SID support to ext2 ACLs so
>>that Samba and local accesses get the same access control, we can pass
>>ANAME_NTSID names to the ATR_POSIXACL attribute family without
>>changing the API.
>If you have given it some thought, which your writing hints you may have, 
>can you say a little about supporting NT SIDS and NT ACLs by Linux, and 
>how that can be hard and easy?
>
>One of my programmers is arguing that NT (as opposed to POSIX) ACL support 
>is harder than I imagine due to SIDS, and.... your view would be interesting.

SIDs are nothing but user ids so you just require the user to pass a 
mapping between SIDs and Linux user&group ids at mount time and that 
problem is solved.

I am told samba already has support for SIDs so it can't be that difficult. (-:

Best regards,

         Anton


-- 
   "I've not lost my mind. It's backed up on tape somewhere." - Unknown
-- 
Anton Altaparmakov <aia21 at cam.ac.uk> (replace at with @)
Linux NTFS Maintainer / WWW: http://linux-ntfs.sf.net/
ICQ: 8561279 / WWW: http://www-stu.christs.cam.ac.uk/~aia21/


  parent reply	other threads:[~2001-12-11 18:47 UTC|newest]

Thread overview: 57+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2001-12-05  3:32 [PATCH] Revised extended attributes interface Nathan Scott
2001-12-05  9:08 ` Anton Altaparmakov
2001-12-06  5:46   ` Nathan Scott
2001-12-06  3:05 ` Daniel Phillips
2001-12-06  5:41   ` Nathan Scott
2001-12-06 15:25     ` Daniel Phillips
2001-12-06 23:15       ` Nathan Scott
2001-12-07  1:45         ` Daniel Phillips
2001-12-07  2:03         ` Daniel Phillips
2001-12-07  3:51           ` Nathan Scott
2001-12-07 20:20 ` Stephen C. Tweedie
2001-12-08  4:58   ` Nathan Scott
2001-12-08 20:17     ` Hans Reiser
2001-12-11  2:42       ` reiser4 (was Re: [PATCH] Revised extended attributes interface) Nathan Scott
2001-12-11 12:02         ` Hans Reiser
2001-12-11 19:23         ` Anton Altaparmakov
2001-12-11 20:14           ` reiser4 (was Re: [PATCH] Revised extended attributesinterface) curtis
2001-12-11 21:34             ` Hans Reiser
2001-12-11 23:04               ` curtis
2001-12-11 23:28                 ` Hans Reiser
2001-12-11 23:46                   ` Anton Altaparmakov
2001-12-12  1:00                   ` curtis
2001-12-11 21:21           ` reiser4 (was Re: [PATCH] Revised extended attributes interface) Hans Reiser
2001-12-11 23:33             ` Anton Altaparmakov
2001-12-11 23:59               ` Hans Reiser
2001-12-12  2:16                 ` Anton Altaparmakov
2001-12-12 12:02                   ` Hans Reiser
2001-12-12 13:34                   ` Anton Altaparmakov
2001-12-12 15:40                     ` Hans Reiser
2001-12-13  1:43             ` Andrew Pimlott
2001-12-13  9:23               ` Hans Reiser
2001-12-13 10:36                 ` User-manageable sub-ids proposals Romano Giannetti
2001-12-13 13:37                   ` Ragnar Kjørstad
2001-12-13 16:06                     ` Romano Giannetti
2001-12-13 18:58                       ` Ragnar Kjørstad
2001-12-18  0:17                     ` Pavel Machek
2001-12-13 23:24                   ` David Wagner
2001-12-21 21:28                   ` Andreas Ferber
2001-12-13 15:27                 ` reiser4 (was Re: [PATCH] Revised extended attributes interface) Andrew Pimlott
2001-12-13 20:47                   ` Hans Reiser
2001-12-13 21:01               ` Anton Altaparmakov
2001-12-10 11:52     ` [PATCH] Revised extended attributes interface Stephen C. Tweedie
2001-12-10 15:00       ` Peter J. Braam
2001-12-10 15:56         ` Stephen C. Tweedie
2001-12-10 16:00           ` Mr. James W. Laferriere
2001-12-10 16:15             ` Stephen C. Tweedie
2001-12-10 19:01           ` John Stoffel
2001-12-11  1:22       ` Timothy Shimmin
2001-12-11 11:33         ` Stephen C. Tweedie
2001-12-11 15:15           ` Implementing POSIX ACLs - was: " Anton Altaparmakov
2001-12-11  1:41       ` Nathan Scott
2001-12-11 13:47         ` Stephen C. Tweedie
2001-12-11 18:23           ` Hans Reiser
2001-12-11 18:46           ` Anton Altaparmakov [this message]
2001-12-11 23:37           ` Implementing POSIX ACLs - was " Nathan Scott
2001-12-11 13:30       ` Implementing POSIX ACLs - was: " Anton Altaparmakov
2001-12-11 14:34         ` Stephen C. Tweedie

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5.1.0.14.2.20011211184344.04adc9d0@pop.cus.cam.ac.uk \
    --to=aia21@cam.ac.uk \
    --cc=ag@bestbits.at \
    --cc=god@namesys.com \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-xfs@oss.sgi.com \
    --cc=nathans@sgi.com \
    --cc=reiser@namesys.com \
    --cc=sct@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).