Extending text-format ACLs
Tim Kientzle
tim at kientzle.com
Wed Apr 14 03:58:49 GMT 2004
Robert Watson wrote:
> On Mon, 5 Apr 2004, Tim Kientzle wrote:
>
>>POSIX.1e draft 17 seems to overlook a critical point: archived ACL
>>information *MUST* contain both username/groupname and uid/gid. ...
>>Joerg Schilling's solution with 'star' was to add an ID field, e.g.,
>> user:testuser:rw-:1798
>
> I'm not convinced POSIX.1e actually thinks it is reasonable to accept the
> above format, but I'm also fine with us either choosing to be more liberal
> in what we accept, or in adding extended interfaces that interpret the
> alternative format.

Hmmm... I guess you're reading the following differently than I am:

POSIX.1e Draft 17, 23.3.1 "Long Text Form for ACLs"
" ... Each <acl_entry> line shall contain one ACL entry
with three required colon-separated fields ... An implementation
may define additional colon-separated fields after the required
fields. ..."

As I said above, the failure to have both textual names and numeric
IDs in the portable text format is a serious shortcoming. At the
very least, I would encourage text_to_acl() to recognize and support
Joerg Schilling's extension, and encourage acl_to_text to (at a minimum)
include the ID in a comment field. (Which is certainly permitted by
the draft.)

> I seem to recall ... acl_to_text() on Linux that accepts a
> flags argument, which can be used to specify interest in the abbreviated
> ("short") ACL format as output, etc

This is a very good idea. Internally, libarchive does something
very much like this. But then again, it needs to parse and construct
a number of very different formats. If there's precedent on Linux for
this, I would encourage FreeBSD to adopt it as well.

Tim
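
The entry format discussed in this message, as an added example that is not part of the original e-mail and not code from star, libarchive or FreeBSD: a C parser for one long-form entry that accepts the three required fields plus the optional numeric ID as a fourth field. `parse_acl_entry` and `struct acl_text_entry` are hypothetical names; treating the fourth field as digits only and limiting tags to user, group, other and mask are assumptions.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* One parsed entry (hypothetical type). id is -1 when the fourth field is absent. */
struct acl_text_entry {
    char tag[16];      /* "user", "group", "other" or "mask" */
    char name[64];     /* qualifier; empty for owner, other and mask entries */
    unsigned perms;    /* 4 = r, 2 = w, 1 = x */
    long long id;      /* numeric uid/gid from the extension field */
};

/* Hypothetical helper, not a libc or libarchive function.
 * Parses "tag:qualifier:perms[:id]"; returns 0 on success, -1 if malformed.
 * On failure, *e may be partially written. */
int parse_acl_entry(const char *line, struct acl_text_entry *e)
{
    char buf[128], *f[5], *s, *end;
    size_t len;
    int n = 0, i;
    line += strspn(line, " \t");                 /* skip leading blanks */
    len = strcspn(line, "#\n");                  /* stop at comment or newline */
    while (len > 0 && (line[len - 1] == ' ' || line[len - 1] == '\t')) len--;
    if (len == 0 || len >= sizeof buf) return -1;
    memcpy(buf, line, len); buf[len] = '\0';
    for (s = buf; n < 5; s++) {                  /* split on ':', keep empty fields */
        f[n++] = s;
        s += strcspn(s, ":");
        if (*s == '\0') break;
        *s = '\0';
    }
    if (n < 3 || n > 4 || strlen(f[2]) != 3) return -1;
    if (strlen(f[0]) >= sizeof e->tag || strlen(f[1]) >= sizeof e->name) return -1;
    if (strcmp(f[0], "user") && strcmp(f[0], "group") &&
        strcmp(f[0], "other") && strcmp(f[0], "mask")) return -1;
    e->perms = 0;
    for (i = 0; i < 3; i++) {                    /* each position is its letter or '-' */
        if (f[2][i] == "rwx"[i]) e->perms |= 4u >> i;
        else if (f[2][i] != '-') return -1;
    }
    e->id = -1;
    if (n == 4) {                                /* extension field: digits only */
        if (f[3][0] < '0' || f[3][0] > '9') return -1;
        errno = 0; e->id = strtoll(f[3], &end, 10);
        if (errno != 0 || *end != '\0') return -1;
    }
    strcpy(e->tag, f[0]); strcpy(e->name, f[1]);
    return 0;
}
```

The parser only extracts the name and the ID; which of the two a restore operation should prefer when they disagree on the target system is a separate policy decision that the message does not settle.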