On Thu, Dec 07, 2017 at 02:54:22PM -0800, Drew Leske wrote: > The remaining question for me then is around the NFSv4 ACL and the > ownership change permission, and whether I should be able to get that > to work, especially on a stock system. No. When you set an ACL, the server just translates that ACL to the closet POSIX ACL it can find. And the filesystem code just enforces that POSIX ACL. POSIX ACLs have no equivalent to WRITE_OWNER. I can't remember what the code in fs/nfsd/nfs4acl.c does--the only choices would be to either ignore the bit or fail, I think it does the former. (In theory knfsd could store the full v4 ACL in an extended attribute and do its own enforcement on the side--I think Samba can do something like this. This seems complicated to me and I'd rather add richacl support to the filesystems, but that effort has stalled.) > I know there are some issues > with mapping NFSv4 ACLs to so-called “POSIX” ACLs, but I didn’t see > anything in the documentation to suggest it isn’t implemented. Should > I expect this to work without installing the richacls software? You'd have to actually apply the richacls kernel patch. I think you'd find that more trouble than it's worth. --b. -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
