Hi,
Miklos Szeredi wrote:
[Adding Andreas Gruenbacher to Cc]
On Mon, Aug 29, 2016 at 3:46 PM, Seth Forshee
<seth.forshee@xxxxxxxxxxxxx> wrote:
Hi Miklos,
Here's an updated set of patches for supporting posix ACLs in fuse. I
think I've incorporated all the feedback from the last RFC series, and
so I've dropped the RFC this time.
Pushed, with minor changes, to
git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git#for-next
Please verify that I didn't break it.
I also pushed to github the changes I made to libfuse for testing this.
They're a little rough and probably not 100% complete, but it is
sufficient for exercising the functionality of these patches with
fusexmp.
https://github.com/sforshee/libfuse/tree/posix-acl
As for the libfuse part:
1) Please don't mess with fusexmp.c. The added code is really an
anti-example. Posix acls will will work fine in such pass-through
filesystems without doing anything. The added complexity just makes
it brittle and racy without actually doing anything positive.
2) You define some constants and structures (POSIX_ACL_*) in
fuse_common.h that don't seem to belong there. There's <sys/acl.h>
that contains some parts of that, but I'm not sure how much we want to
tie libfuse to libacl... It's a difficult thing. Generally I'd try
to keep the interface as narrow as possible. Perhaps it's enough to
have a a function to return the equivalent mode from the xattr?
3) How will richacl's fit into this?
4) We really need a better example to check the efficiency of the new
interface, but that's hard because we need a "real" filesystem for
that and those are rare. Ntfs-3g is one such, and it would be
interesting to "port" it to using the new API.
Jean-Pierre, how difficult would that be?
The code for Posix ACLs support within the kernel is
already present in ntfs-3g (just have to define the
macro KERNELACLS in order to disable the checks
within ntfs-3g and rely on the kernel ones).
This however relies on assumptions I made a few years
back, and might be invalid now. I will at least have
to set some flag in the init callback.
The ACLs are supposed to be set and retrieved through
the extended attributes system.posix_acl_access and
system.posix_acl_default. Recent posts about it in
this list mention "xattr handlers", do they mean
getxattr() and setxattr() on these extended attributes ?
Also the sync with the file mode is done natively,
as the ACLs and modes are translated to a single
object (an NTFS ACL). There is no need for fuse to
duplicate the mode to a ACL setting or conversely.
Now the main problem for ntfs-3g is to migrate to
libfuse3, still keeping the compatibility with non-Linux
implementations (MacOSX, OpenIndiana, and others).
I have not done anything about it yet.
Does the Posix ACL in-kernel support require libfuse3 ?
Finally, I am still using an old kernel, so I will
have to setup a test environment...
Jean-Pierre
Thanks,
Miklos
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
