New ZFS "passthrough" ACL inheritance rules [PSARC/2008/231 FastTrack timeout 04/08/2008]
Mark Shellenbaum
Mark.Shellenbaum at Sun.COM
Tue Apr 1 11:45:10 PDT 2008
Darren J Moffat wrote:
> Mark Shellenbaum wrote:
>> Darren J Moffat wrote:
>>> Since this proposed behaviour is the default for ACLs on UFS why
>>> isn't it the default for ZFS too ?
>>
>> I'm more than willing to make this the default behavior for ZFS, but
>> it will affect POSIX compliance. If thats alright with everyone then
>> I can change it to be the default.
>
> Would this be the one and only setting that means that a ZFS dataset
> wouldn't be in a POSIX compliant configuration by default ? If it is
> then I would say it shouldn't be changed. However if there are others
> then IMO the default ACL behaviour should be the one that matches NFSv4
> and what people expect of ACLs regardless of what POSIX thinks.
>
Lets leave the default as it is, and have the new inheritance behavior
only take place under "passthrough". We can always change this later
with another fast track.
>
>>>
>>> Also shouldn't "secure" be "posix" because "secure" is subjective and
>>> relative.
>>>
>>
>> secure is what it was called in the original ZFS ARC case. I can
>> change it to "posix" if you want. My only concern would be if users
>> have become accustomed to its present value.
>
> What about an alias ?
>
How about I rename "secure" to "restricted" and have an alias for "secure".
-Mark
More information about the opensolaris-arc
mailing list