From: Anton Altaparmakov <aia21@cam.ac.uk>
To: Hans Reiser <reiser@namesys.com>
Cc: "Stephen C. Tweedie" <sct@redhat.com>,
Nathan Scott <nathans@sgi.com>,
Andreas Gruenbacher <ag@bestbits.at>,
linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-xfs@oss.sgi.com, Nikita Danilov <god@namesys.com>
Subject: Re: [PATCH] Revised extended attributes interface
Date: Tue, 11 Dec 2001 18:46:43 +0000 [thread overview]
Message-ID: <5.1.0.14.2.20011211184344.04adc9d0@pop.cus.cam.ac.uk> (raw)
In-Reply-To: <3C164F31.7080404@namesys.com>
In-Reply-To: <20011205143209.C44610@wobbly.melbourne.sgi.com> <20011207202036.J2274@redhat.com> <20011208155841.A56289@wobbly.melbourne.sgi.com> <20011210115209.C1919@redhat.com> <20011211124115.E70201@wobbly.melbourne.sgi.com> <20011211134758.F2268@redhat.com>
At 18:23 11/12/01, Hans Reiser wrote:
>Stephen C. Tweedie wrote:
>The proposal defines two "families" of attribute entities: attribute
>>families and name families.
>>
>>An attribute family might be ATR_USER or ATR_SYSTEM to specify that we
>>are dealing with arbitrary user or system named extended attributes,
>>or ATR_POSIXACL to specify POSIX-semantics ACLs. Obviously, this can
>>be extended to other ACL semantics without revving the API --- a new
>>attribute family would be all that is needed.
>>
>>The "name family" is the other part of the equation. Attributes in
>>the ATR_USER or ATR_SYSTEM families might be named with counted
>>strings, so they would have names in the ANAME_STRING name family.
>>POSIX ACLs, however, have a different namespace: ANAME_UID or
>>ANAME_GID. The API cleanly deals with the difference between user and
>>group ACLs. It also makes it easy to add support later on for more
>>complex operations: if we want to add NT SID support to ext2 ACLs so
>>that Samba and local accesses get the same access control, we can pass
>>ANAME_NTSID names to the ATR_POSIXACL attribute family without
>>changing the API.
>If you have given it some thought, which your writing hints you may have,
>can you say a little about supporting NT SIDS and NT ACLs by Linux, and
>how that can be hard and easy?
>
>One of my programmers is arguing that NT (as opposed to POSIX) ACL support
>is harder than I imagine due to SIDS, and.... your view would be interesting.
SIDs are nothing but user ids so you just require the user to pass a
mapping between SIDs and Linux user&group ids at mount time and that
problem is solved.
I am told samba already has support for SIDs so it can't be that difficult. (-:
Best regards,
Anton
--
"I've not lost my mind. It's backed up on tape somewhere." - Unknown
--
Anton Altaparmakov <aia21 at cam.ac.uk> (replace at with @)
Linux NTFS Maintainer / WWW: http://linux-ntfs.sf.net/
ICQ: 8561279 / WWW: http://www-stu.christs.cam.ac.uk/~aia21/
next prev parent reply other threads:[~2001-12-11 18:47 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-12-05 3:32 [PATCH] Revised extended attributes interface Nathan Scott
2001-12-05 9:08 ` Anton Altaparmakov
2001-12-06 5:46 ` Nathan Scott
2001-12-06 3:05 ` Daniel Phillips
2001-12-06 5:41 ` Nathan Scott
2001-12-06 15:25 ` Daniel Phillips
2001-12-06 23:15 ` Nathan Scott
2001-12-07 1:45 ` Daniel Phillips
2001-12-07 2:03 ` Daniel Phillips
2001-12-07 3:51 ` Nathan Scott
2001-12-07 20:20 ` Stephen C. Tweedie
2001-12-08 4:58 ` Nathan Scott
2001-12-08 20:17 ` Hans Reiser
2001-12-11 2:42 ` reiser4 (was Re: [PATCH] Revised extended attributes interface) Nathan Scott
2001-12-11 12:02 ` Hans Reiser
2001-12-11 19:23 ` Anton Altaparmakov
2001-12-11 20:14 ` reiser4 (was Re: [PATCH] Revised extended attributesinterface) curtis
2001-12-11 21:34 ` Hans Reiser
2001-12-11 23:04 ` curtis
2001-12-11 23:28 ` Hans Reiser
2001-12-11 23:46 ` Anton Altaparmakov
2001-12-12 1:00 ` curtis
2001-12-11 21:21 ` reiser4 (was Re: [PATCH] Revised extended attributes interface) Hans Reiser
2001-12-11 23:33 ` Anton Altaparmakov
2001-12-11 23:59 ` Hans Reiser
2001-12-12 2:16 ` Anton Altaparmakov
2001-12-12 12:02 ` Hans Reiser
2001-12-12 13:34 ` Anton Altaparmakov
2001-12-12 15:40 ` Hans Reiser
2001-12-13 1:43 ` Andrew Pimlott
2001-12-13 9:23 ` Hans Reiser
2001-12-13 10:36 ` User-manageable sub-ids proposals Romano Giannetti
2001-12-13 13:37 ` Ragnar Kjørstad
2001-12-13 16:06 ` Romano Giannetti
2001-12-13 18:58 ` Ragnar Kjørstad
2001-12-18 0:17 ` Pavel Machek
2001-12-13 23:24 ` David Wagner
2001-12-21 21:28 ` Andreas Ferber
2001-12-13 15:27 ` reiser4 (was Re: [PATCH] Revised extended attributes interface) Andrew Pimlott
2001-12-13 20:47 ` Hans Reiser
2001-12-13 21:01 ` Anton Altaparmakov
2001-12-10 11:52 ` [PATCH] Revised extended attributes interface Stephen C. Tweedie
2001-12-10 15:00 ` Peter J. Braam
2001-12-10 15:56 ` Stephen C. Tweedie
2001-12-10 16:00 ` Mr. James W. Laferriere
2001-12-10 16:15 ` Stephen C. Tweedie
2001-12-10 19:01 ` John Stoffel
2001-12-11 1:22 ` Timothy Shimmin
2001-12-11 11:33 ` Stephen C. Tweedie
2001-12-11 15:15 ` Implementing POSIX ACLs - was: " Anton Altaparmakov
2001-12-11 1:41 ` Nathan Scott
2001-12-11 13:47 ` Stephen C. Tweedie
2001-12-11 18:23 ` Hans Reiser
2001-12-11 18:46 ` Anton Altaparmakov [this message]
2001-12-11 23:37 ` Implementing POSIX ACLs - was " Nathan Scott
2001-12-11 13:30 ` Implementing POSIX ACLs - was: " Anton Altaparmakov
2001-12-11 14:34 ` Stephen C. Tweedie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5.1.0.14.2.20011211184344.04adc9d0@pop.cus.cam.ac.uk \
--to=aia21@cam.ac.uk \
--cc=ag@bestbits.at \
--cc=god@namesys.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-xfs@oss.sgi.com \
--cc=nathans@sgi.com \
--cc=reiser@namesys.com \
--cc=sct@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).