On Tue, Oct 27, 2015 at 6:30 AM, Dave Chinner <david@xxxxxxxxxxxxx> wrote: > On Tue, Oct 27, 2015 at 12:52:10AM +0100, Andreas Gruenbacher wrote: >> On Mon, Oct 26, 2015 at 10:32 PM, Dave Chinner <david@xxxxxxxxxxxxx> wrote: >> > Really, I'm struggling to understand what the problem is with XFS >> > doing translation to it's own special xattr names for ACLs >> > underneath the posix layer. >> >> Right now, setting one of the SGI_ACL attributes leads to stale i_acl >> / i_default_acl fields and in the case of SGI_ACL_FILE, possibly to >> outdated permissions in i_mode. You would get different information >> from getfacl than what's stored on disk. > > That's because we're not marking the cached acl as stale when > setting the acl directly... > >> > Yes, there's a caching issue when someone directly manipulates >> > the underlying xattr, >> >> "Directly manipulating" could be doing a setxattr of an attribute that >> was previously retrieved by getxattr, like restoring a backup. > > Sure, that's what xfsdump/restore effectively does. > >> > but you need root to shoot yourself in the foot that way, and that is easily >> > solveable. >> >> What do you mean, it's easily solvable? > > forget_all_cached_acls() Brian has already suggested that in this thread. Still leaves the i_mode permission bits stale and is broken wrt. uid/gid namespaces. Andreas _______________________________________________ xfs mailing list xfs@xxxxxxxxxxx http://oss.sgi.com/mailman/listinfo/xfs
