On Tue, Aug 23, 2011 at 7:58 AM, Jeff Layton <jlayton@xxxxxxxxx> wrote: > On Fri, 19 Aug 2011 22:27:12 -0500 > shirishpargaonkar@xxxxxxxxx wrote: > >> >> Implement utilities getcifsacl and setcifsacl >> >> >> Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@xxxxxxxxx> >> >> >> Set of patches to build utilities getcifsacl and setcifsacl >> along with their manpages. >> >> getcifsacl fetches a security descriptor of a file off of a >> share mounted using option cifsacl using API getxattr. >> It then parses the security descriptor printing control >> porttion of the security descriptor and then DACL if there >> is one by printing each ACE with it fields, SID, type, flags, and mask. >> >> setcifsacl builds two lists of ACEs, one specified on the command line >> and other fetched from the file the way getcifacl does. >> It then constructs a security descriptor consisting of ACL >> and uses API setxattr to send the security descriptor as a blob to >> the server. setcifsacl also works with files off of shares >> mounted with option cifsacl. >> >> manpages are provided for both the utilities with some examples >> in setcifsacl manpage. The usage of getcifsacl is simple and >> very much self explanatory. >> >> With these utilities, there is a way to interprete and construct a >> blob describing security descritpor of a file system object. >> >> These utilities are modeled after smbcacls command in the >> Samba suite. >> > > Other than my comments on the header and the autoconf stuff, I think > this is probably OK. I do wonder whether time would be better spent on > getting RichACL's into the VFS, but this certainly doesn't preclude > that, and seems useful. > > One minor nit: you should add the manpages before the autoconf changes > to make sure that bisectability is preserved. > > -- > Jeff Layton <jlayton@xxxxxxxxx> > Jeff, Thanks. Sure. I will also split manpages and auto* rules for getcifacl and setcifsacl in separate patches. Regards, Shirish -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
