On Wednesday 02 September 2009 22:22:06 J. Bruce Fields wrote: > On Wed, Sep 02, 2009 at 01:56:23PM -0500, Steve French wrote: > > In the meantime we don't even have a generalized system interface to > > set/get nfsv4/cifs/ntfs acls > > The current client is using raw xdr-formatted v4 acls in an extended > attribute. We could consider some other interface if that would be more > useful to other projects. (Andreas' patches have a different > xattr-based interface which might serve as another example.) Yes, the current nfsv4 client exposes NFSv4 ACLs with "user@domain" and "group@domain" identifiers in xattrs. Users and groups of local processes and files are are identified by ID though, so the kernel would have to map between "user@domain" and "group@domain" identifiers and IDs even for local accesses. This doesn't make sense. The native NSFv4 ACL prototype [1] uses IDs in its xattr format instead; all the ID mapping logic remains in NFSv4 (and in Samba for CIFS). [1] http://www.suse.de/~agruen/nfs4acl/ Andreas -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
