> -----Original Message----- > From: Andreas Grünbacher [mailto:andreas.gruenbacher@xxxxxxxxx] > Sent: Wednesday, May 13, 2015 2:06 PM > To: Frank Filz > Cc: linux-kernel@xxxxxxxxxxxxxxx; linux-fsdevel@xxxxxxxxxxxxxxx; linux- > nfs@xxxxxxxxxxxxxxx > Subject: Re: [RFC v3 20/45] richacl: Automatic Inheritance > > 2015-05-13 22:38 GMT+02:00 Frank Filz <ffilzlnx@xxxxxxxxxxxxxx>: > > So inheritance will happen, but there is also a mode set as part of > > the create that I assume is effectively handled the same as a subsequent > chmod() on the file? > > The effect is similar to a subsequent chmod except that the effective > permissions may be fewer then the create mode: > > * In the traditional POSIX case, the effective permissions are > (create_mode & ~umask). > > * With POSIX ACLs and Richacls, if there are inheritable permissions, > the effective permissions are the intersection of the create mode and > the maximum permissions the inherited acl grants. So if the inherited > acl grants at most rwxr-x---, with a create mode of rw-rw-rw, the > effective permissions end up being rw-r-----. > > > Any chance we could add a system call to do a open/create and pass an > > ACL (and heck, if we go there, why not a system call that allows > > creating with mtime, atime, owner, etc. also...). > > Send patches, but expect them to get killed :) > > > Is there a mode that we could pass that would cause the least amount > > of damage to the inherited ACL? > > Yes, 0777. But the RICHACL_PROTECTED flag will still be set, and that is the > problem in this case. I'm not clear what the RICHACL_PROTECTED flag actually does. It looks like it's only tested in chmod, and then only if the mode matches the mask (at least if I'm understanding the code right). Frank -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
