-
Notifications
You must be signed in to change notification settings - Fork 1.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
The acltype property is currently hidden on FreeBSD and does not reflect the NFSv4 style ZFS ACLs used on the platform. This makes it difficult to observe that a pool imported from FreeBSD on Linux has a different type of ACL that is being ignored, and vice versa. Add an nfsv4 acltype and expose the property on FreeBSD. Make the default acltype nfsv4 on FreeBSD. Setting acltype to an unhandled style is treated the same as setting it to off. The ACLs will not be removed, but they will be ignored. Rename posixacl to posix and prefer off to noacl throughout. The Linux mount options remain named posixacl and noacl to avoid ambiguity and breaking existing configurations. To the latter end, also retain posixacl and noacl values for acltype as aliases. Signed-off-by: Ryan Moeller <[email protected]>
- Loading branch information
Ryan Moeller
authored and
Ryan Moeller
committed
Sep 1, 2020
1 parent
88d19d7
commit 1447e85
Showing
20 changed files
with
148 additions
and
76 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -19,8 +19,12 @@ | |
* CDDL HEADER END | ||
*/ | ||
/* | ||
* Copyright 2007 Sun Microsystems, Inc. All rights reserved. | ||
* Copyright 2009 Sun Microsystems, Inc. All rights reserved. | ||
* Use is subject to license terms. | ||
* | ||
* Copyright 2014 Garrett D'Amore <[email protected]> | ||
* Copyright 2014 Nexenta Systems, Inc. All rights reserved. | ||
* Copyright 2017 RackTop Systems. | ||
*/ | ||
|
||
#ifndef _SYS_ACL_H | ||
|
@@ -75,23 +79,24 @@ typedef struct acl_info acl_t; | |
/* | ||
* The following are defined for ace_t. | ||
*/ | ||
#define ACE_READ_DATA 0x00000001 | ||
#define ACE_LIST_DIRECTORY 0x00000001 | ||
#define ACE_WRITE_DATA 0x00000002 | ||
#define ACE_ADD_FILE 0x00000002 | ||
#define ACE_APPEND_DATA 0x00000004 | ||
#define ACE_ADD_SUBDIRECTORY 0x00000004 | ||
#define ACE_READ_NAMED_ATTRS 0x00000008 | ||
#define ACE_WRITE_NAMED_ATTRS 0x00000010 | ||
#define ACE_EXECUTE 0x00000020 | ||
#define ACE_DELETE_CHILD 0x00000040 | ||
#define ACE_READ_ATTRIBUTES 0x00000080 | ||
#define ACE_WRITE_ATTRIBUTES 0x00000100 | ||
#define ACE_DELETE 0x00010000 | ||
#define ACE_READ_ACL 0x00020000 | ||
#define ACE_WRITE_ACL 0x00040000 | ||
#define ACE_WRITE_OWNER 0x00080000 | ||
#define ACE_SYNCHRONIZE 0x00100000 | ||
#define ACE_READ_DATA 0x00000001 /* file: read data */ | ||
#define ACE_LIST_DIRECTORY 0x00000001 /* dir: list files */ | ||
#define ACE_WRITE_DATA 0x00000002 /* file: write data */ | ||
#define ACE_ADD_FILE 0x00000002 /* dir: create file */ | ||
#define ACE_APPEND_DATA 0x00000004 /* file: append data */ | ||
#define ACE_ADD_SUBDIRECTORY 0x00000004 /* dir: create subdir */ | ||
#define ACE_READ_NAMED_ATTRS 0x00000008 /* FILE_READ_EA */ | ||
#define ACE_WRITE_NAMED_ATTRS 0x00000010 /* FILE_WRITE_EA */ | ||
#define ACE_EXECUTE 0x00000020 /* file: execute */ | ||
#define ACE_TRAVERSE 0x00000020 /* dir: lookup name */ | ||
#define ACE_DELETE_CHILD 0x00000040 /* dir: unlink child */ | ||
#define ACE_READ_ATTRIBUTES 0x00000080 /* (all) stat, etc. */ | ||
#define ACE_WRITE_ATTRIBUTES 0x00000100 /* (all) utimes, etc. */ | ||
#define ACE_DELETE 0x00010000 /* (all) unlink self */ | ||
#define ACE_READ_ACL 0x00020000 /* (all) getsecattr */ | ||
#define ACE_WRITE_ACL 0x00040000 /* (all) setsecattr */ | ||
#define ACE_WRITE_OWNER 0x00080000 /* (all) chown */ | ||
#define ACE_SYNCHRONIZE 0x00100000 /* (all) */ | ||
|
||
#define ACE_FILE_INHERIT_ACE 0x0001 | ||
#define ACE_DIRECTORY_INHERIT_ACE 0x0002 | ||
|
@@ -116,8 +121,6 @@ typedef struct acl_info acl_t; | |
#define ACL_FLAGS_ALL (ACL_AUTO_INHERIT|ACL_PROTECTED| \ | ||
ACL_DEFAULTED) | ||
|
||
#ifdef _KERNEL | ||
|
||
/* | ||
* These are only applicable in a CIFS context. | ||
*/ | ||
|
@@ -137,6 +140,8 @@ typedef struct acl_info acl_t; | |
|
||
#define ACE_ALL_TYPES 0x001F | ||
|
||
#if defined(_KERNEL) | ||
|
||
typedef struct ace_object { | ||
uid_t a_who; /* uid or gid */ | ||
uint32_t a_access_mask; /* read,write,... */ | ||
|
@@ -154,6 +159,21 @@ typedef struct ace_object { | |
ACE_WRITE_ATTRIBUTES|ACE_DELETE|ACE_READ_ACL|ACE_WRITE_ACL| \ | ||
ACE_WRITE_OWNER|ACE_SYNCHRONIZE) | ||
|
||
#define ACE_ALL_WRITE_PERMS (ACE_WRITE_DATA|ACE_APPEND_DATA| \ | ||
ACE_WRITE_ATTRIBUTES|ACE_WRITE_NAMED_ATTRS|ACE_WRITE_ACL| \ | ||
ACE_WRITE_OWNER|ACE_DELETE|ACE_DELETE_CHILD) | ||
|
||
#define ACE_READ_PERMS (ACE_READ_DATA|ACE_READ_ACL|ACE_READ_ATTRIBUTES| \ | ||
ACE_READ_NAMED_ATTRS) | ||
|
||
#define ACE_WRITE_PERMS (ACE_WRITE_DATA|ACE_APPEND_DATA|ACE_WRITE_ATTRIBUTES| \ | ||
ACE_WRITE_NAMED_ATTRS) | ||
|
||
#define ACE_MODIFY_PERMS (ACE_READ_DATA|ACE_LIST_DIRECTORY|ACE_WRITE_DATA| \ | ||
ACE_ADD_FILE|ACE_APPEND_DATA|ACE_ADD_SUBDIRECTORY|ACE_READ_NAMED_ATTRS| \ | ||
ACE_WRITE_NAMED_ATTRS|ACE_EXECUTE|ACE_DELETE_CHILD|ACE_READ_ATTRIBUTES| \ | ||
ACE_WRITE_ATTRIBUTES|ACE_DELETE|ACE_READ_ACL|ACE_SYNCHRONIZE) | ||
|
||
/* | ||
* The following flags are supported by both NFSv4 ACLs and ace_t. | ||
*/ | ||
|
@@ -217,6 +237,7 @@ typedef struct ace_object { | |
#define ACL_APPEND_ID 0x1 /* append uid/gid to user/group entries */ | ||
#define ACL_COMPACT_FMT 0x2 /* build ACL in ls -V format */ | ||
#define ACL_NORESOLVE 0x4 /* don't do name service lookups */ | ||
#define ACL_SID_FMT 0x8 /* use usersid/groupsid when appropriate */ | ||
|
||
/* | ||
* Legacy aclcheck errors for aclent_t ACLs | ||
|
@@ -272,13 +293,8 @@ extern int cmp2acls(void *, void *); | |
|
||
#endif /* !defined(_KERNEL) */ | ||
|
||
#if defined(__STDC__) | ||
extern int acl(const char *path, int cmd, int cnt, void *buf); | ||
extern int facl(int fd, int cmd, int cnt, void *buf); | ||
#else /* !__STDC__ */ | ||
extern int acl(); | ||
extern int facl(); | ||
#endif /* defined(__STDC__) */ | ||
|
||
#ifdef __cplusplus | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.