[NFS] Re: [Acl-Devel] NFS ACL support...
Spencer Shepler
shepler at eng.sun.com
Wed Nov 15 23:12:02 GMT 2000
On Wed, Andreas Gruenbacher wrote:
> On Wed, 15 Nov 2000, Dominik Kubla wrote:
>
> > [Please pardon me for addressing three lists at once, but since it
> > somehow touches all bases, i thought it best. -dbk]
> >
> > Ok folks, here we go...
> >
> > I checked Solaris, Tru64, HP-UX, Irix, AIX and TrustedBSD to see how
> > they do it. Here are the results:
> >
> > Server Client
> > Solaris nfsd mount
> > Tru64 proplistd mount -o proplist
> > HP-UX ------------- no ACL over NFS -------------------
> > Irix -------- only with Trusted Irix/B --------------- (see OB1)
> > AIX4 ------------- no ACL over NFS ------------------- (correct?)
AIX/NFS does have ACL support. It relies on an RPC program that is
different than Sun's solution; essentially a transfer of AIX's own
format/implementation.
<snip>
> > The Tru64 solution would fit the current EA/ACL scheme best, since it
> > is not limited to "just" ACL. However i couldn't get any info on it
> > apart from the man pages. No RPC template file, nothing. But since
> > both TrustedBSD and Linux use EA's to store ACL's (and FS-based CAP's)
> > it would make sense to implement something like this.
>
> There has been a discussion on extended attribute support on linux-fsdevel
> recently. The API my patch implements is somewhat too limited for the
> general case, so somebody will have to change the design, implementation,
> documentation, etc. I'm not sure I'll have enough time for that soon.
>
> NFSv4 seems to cover ACLs and extended attributes, but they don't use the
> same interface.
Right. NFSv4 defines ACL support as a "recommended" file attribute
and defines the semantics for interpretation. Extended attributes
(NFSv4 calls them named attributes) are opaque byte streams attached
to the filesystem object. No interpretation semantics are defined for
named attributes and it is expected that they are generally created an
interpreted by applications.
Linux NFSv4 implementation work is occurring at Umich/CITI. Check out
http://www.citi.umich.edu/projects/nfsv4/index.html for more info and
contact Andy there for specifics.
> So I guess a long-term solution would be to work on NFSv4
> support for Linux ACLs and EA's.
Personally, I think that NFSv4 is the way to go for support of ACLs
and EAs for distributed filesystems. However, you may choose to
ignore this opinion since I am one of the authors of the NFSv4
specification. :-)
--
- Spencer -
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list