On 2021-03-20 at 16:35 +1000 ronnie sahlberg sent off: > What we are talking about is NTFS semantics and how to integrate it > into a posix environment like Linux. as we are talking here about Unix systems, let's call what we're talking about NFS4 ACLs. See: https://wiki.samba.org/index.php/NFS4_ACL_overview > We are not going to implement NTFS semantics in the kernel, that train > left the station 20 years ago. the train of NFS4 ACLs in Linux actually didn't leave the station at all, it's still in the station waiting for lights switching to green :) > What we can do is to try to emulate. Try to map NTFS onto posix in a > way that makes most sense for most > average people. As mapping the ACLs is too lossy, cifs has the cifsacl mount option, but that is buggy, issues with that don't get a lot of attention. > But that is it. We can never do 100% ntfs. true, this why Samba started the acl_xattr to manage the ACLs on its own in userspace. This is making it difficult to manage though as you have to do that through the SMB layser then only. Also no interoperability with native file access or different layers like NFS is impossible with that. The acl_xattr modules was born out of pitty that we're in that we lack NFS4 ACLs on Linux. > And we cover the main use cases. with "cover most use cases" you are still talking generally about POSIX draft ACLs vs. NFS4 ACLs here? > Are there use cases where the mappings will not work becasue we are > not NTFS? Very likely. lot's of cases. Starting from the concept of ACL inheritence which doesn't exist in POSIX draft ACLs at all (no, POSIX draft default ACLs are not comparable with it). > Maybe those use cases that require full 100% NTFS semantics should > just use windows? you want to ask people who need NFS4 ACLs to use Windows, seriously? I rather recommend using other Unix systems that support NFS4 ACLs. Actually all other actively developed Unix systems do support NFS4 ACLS. Customers, who want to use SMB also for their Linux clients, give up quite soon because of the shortcomings of the permission management.. Without native NFS4 ACLs this will probably not change - this is why I ask the cifs vfs and the cifsd people here to help push to get NFS4 ACLs aka richacls in he kernel vfs layer. You know that POSIX draft ACLs had never been finally standrarized, they were were withdrawn in 1997. However NFS4 ACLs are standarized. > If not, patches sent to the mailinglist are welcome. Andreas Grünbacher sent working patches long time ago, see the links from the wiki article above. Björn
