New ZFS "passthrough" ACL inheritance rules [PSARC/2008/231 FastTrack timeout 04/08/2008]
Don Cragun
don.cragun at sun.com
Tue Apr 1 10:51:30 PDT 2008
>Date: Tue, 01 Apr 2008 11:32:06 -0600
>From: Mark Shellenbaum <Mark.Shellenbaum at Sun.COM>
>
>Darren J Moffat wrote:
>> Since this proposed behaviour is the default for ACLs on UFS why isn't
>> it the default for ZFS too ?
>
>I'm more than willing to make this the default behavior for ZFS, but it
>will affect POSIX compliance. If thats alright with everyone then I can
>change it to be the default.
I believe that the default should be POSIX compliant. Let
administrators specify options if they want non-standard behavior.
>
>>
>> Also shouldn't "secure" be "posix" because "secure" is subjective and
>> relative.
>>
>
>secure is what it was called in the original ZFS ARC case. I can change
>it to "posix" if you want. My only concern would be if users have
>become accustomed to its present value.
ACLs are not in POSIX. (POSIX does, however, specify two classes of
extended access control mechanisms [known as "additional file access
control mechanisms" and "alternate file access control mechanisms"] and
specifies interactions between chmod() and these classes of file access
control mechanisms. ACLs can be added as additional and/or alternate
file access control mechanism as long as the interactions follow the
standards.)
- Don
>
>> Is changing the default value of aclinherit considered to painful ?
>
>No, this is actually a very small code change.
>
>>
>> --
>> Darren J Moffat
More information about the opensolaris-arc
mailing list