On Mon, 2009-08-24 at 19:59 -0400, J. Bruce Fields wrote: > On Fri, Aug 14, 2009 at 03:02:30PM -0700, Frank Filz wrote: > > 1. GROUP@ Allow entry doesn't have NFS4_ACE_IDENTIFIER_GROUP, This > > appears to have been introduced by accident as part of commit > > http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=bec50c47aaf6f1f9247f1860547ab394a0802a4c > > It's good to flip that bit every now and then just to keep client > implementations on their toes.... > > (Slightly more seriously, the 4.1 draft says "The > ACE4_IDENTIFIER_GROUP flag MUST be ignored on entries with these > special identifiers. When encoding entries with these special > identifiers, the ACE4_IDENTIFIER_GROUP flag SHOULD be set to > zero." It really shouldn't matter either way, but the point is > that this flag is used to distinguish named users from named > groups (since unix allows a group to have the same name as a > user), so it doesn't really make sense to use it on a special > identifier such as this.) Ok, that makes sense, in that case, we probably should have this fragment to remove the flag from the GROUP@ deny entry: @@ -321,7 +321,7 @@ _posix_to_nfsv4_one(struct posix_acl *pacl, struct nfs4_acl *acl, deny = ~pas.group & pas.other; if (deny) { ace->type = NFS4_ACE_ACCESS_DENIED_ACE_TYPE; - ace->flag = eflag | NFS4_ACE_IDENTIFIER_GROUP; + ace->flag = eflag; ace->access_mask = deny_mask_from_posix(deny, flags); ace->whotype = NFS4_ACL_WHO_GROUP; ace++; -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html