On Thu, Sep 3, 2009 at 8:54 AM, J. Bruce Fields<bfields@xxxxxxxxxxxx> wrote: > On Thu, Sep 03, 2009 at 08:36:44AM -0500, Steve French wrote: >> On Thu, Sep 3, 2009 at 2:46 AM, Muntz, Daniel<Dan.Muntz@xxxxxxxxxx> wrote: >> > I've always thought of NFS as a means for making physical file systems >> > available across a network. NFS having its own ACLs doesn't fit this >> > model. E.g., "NFS ACLs" will never be integrated into NTFS. However, I >> > could imagine NFS ACLs solving the general problem if they were to form >> > a superset of the ACLs of exportable physical file systems >> >> NFSv4 ACLs are similar to CIFS/NTFS ACLS. NFSv4 ACLs were >> originally based on CIFS/NTFS ACLs so it would be reasonable >> to export them from NTFS (although the SIDs (UUIDs) have to be mapped >> to local Linux UIDs - we have user space code that can do this in Samba). > > On the server side, you'd actually have to map between SIDs and NFSv4 > names (strings of the form user@domain). Yes ... We could add mapping directly from user@domain to SID - Samba has something similar, but we already have both mapping to/from unix uid. 1) SID (UUID, a number) to/from a local Unix UID (which winbind and others have today) and 2) user@domain mapped to/from local Unix UID (which NFS user space code has today) If -- Thanks, Steve -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
