On Sat, Aug 6, 2016 at 3:52 AM, Seth Forshee <seth.forshee@xxxxxxxxxxxxx> wrote: > On Fri, Aug 05, 2016 at 06:07:44PM -0500, Eric W. Biederman wrote: > What I'm not convinced of is that the userspace visible changes in > behavior won't break someone's software, even if they aren't really > getting acl enforcement. That's a key point. Backward compatibility is important, and not even hard to do because fuse can negotiate supported features with the userspace filesystem. So we can have a new FUSE_POSIX_ACL feature flag in INIT, sent if "default_permissions" is on. If not set in INIT reply just pass all xattrs through to the filesystem. Caching should not be done. Don't think about whether it's logical or not, or if anyone could use it for anything sane. Just do what we are doing currently. Translating uids still makes sense, but that's another story. If the flag is set in INIT reply, then that means userspace filesystem wants handling of posix acl permission checking in kernel. It would also mean that caching of posix acl are allowed (lifetime linked to attribute lifetime). If filesystem wants to explicitly disable posix acl support, then it can reply EOPNOTSUPP to getxattr and setxattr on "system.posix_acl_*". Alternatively we can add a FUSE_NO_POSIX_ACL feature flag, that filesystem can return in reply to FUSE_POSIX_ACL. I agree that adding CONFIG_FUSE_FS_POSIX_ACL is probably not worth it, just make any such code dependent on CONFIG_FS_POSIX_ACL. Thanks, Miklos -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
