I am sponsoring the following fast-track for Paul Henson. This case makes a minor modification to the behavior originally introduced by PSARC/2008/659. That case introduced the 'passthrough-x' property value for the zfs aclinherit property. Requested binding is patch/micro. Timeout is 1/14/2010.
Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI
This information is Copyright 2010 Sun Microsystems

1. Introduction
    1.1. Project/Component Working Name:
         Modified ZFS passthrough-x ACL inheritance
    1.2. Name of Document Author/Supplier:
         Author: Paul Henson
    1.3  Date of This Document:
         07 January, 2010

4. Technical Description

SUMMARY:

    This proposal updates the ZFS aclinherit property value
    "passthrough-x" to apply to all ACEs rather than just the
    special ACEs.

PROBLEM:

    The changes introduced by:

        PSARC/2008/659 New ZFS "passthrough-x" ACL inheritance rules

    allow an administrator to optionally include the execute bit from
    the file creation mode into the inherited ACL, which provides the
    ability to have a single set of inherited ACEs result in the
    correct permissions for both a data file and an executable file.

    However, the current "passthrough-x" implementation only performs
    the optional inheritance on the three special ACEs. Any other
    inherited ACEs will unconditionally inherit the execute permission,
    resulting in a data file with unnecessary and unwanted execute
    permissions.

PROPOSED SOLUTION:

    Update the aclinherit "passthrough-x" property value such that the
    ACE_EXECUTE permission will be optionally inherited for all ACEs,
    not just the special ACEs.

EXAMPLES:

    First, look at an example of current behavior. The following ACL
    exists on a directory.

    $ ls -dV testdir
                 owner@:rwxpdDaARWcC--:-di---:allow
                 owner@:rwxpdDaARWcC--:------:allow
                 group@:--x---a-R-c---:-di---:allow
                 group@:--x---a-R-c---:------:allow
              everyone@:--x---a-R-c---:-di---:allow
              everyone@:--x---a-R-c---:------:allow
                 owner@:rwxpdDaARWcC--:f-i---:allow
                 group@:--------------:f-i---:allow
              everyone@:--------------:f-i---:allow
            user:henson:rwxpdDaARWcC--:f-i---:allow
              group:cpp:rwxpdDaARWcC--:f-i---:allow

    When a file is created, it has this ACL:

    $ touch file
    $ ls -V file
    -rw-------+ 1 root sys 0 Dec 22 13:04 file
                 owner@:rw-pdDaARWcC--:------:allow
                 group@:--------------:------:allow
              everyone@:--------------:------:allow
            user:henson:rwxpdDaARWcC--:------:allow
              group:cpp:rwxpdDaARWcC--:------:allow

    While the special owner@ ACE did not inherit the ACE_EXECUTE
    permission, the non-special ACEs did, resulting in incorrect
    execute permissions on the data file.

    With the proposed new "passthrough-x" behavior, the same set of
    inherited ACEs would result in the following permissions being set
    on the data file:

    -rw-------+ 1 root sys 0 Dec 22 13:04 file
                 owner@:rw-pdDaARWcC--:------:allow
                 group@:--------------:------:allow
              everyone@:--------------:------:allow
            user:henson:rw-pdDaARWcC--:------:allow
              group:cpp:rw-pdDaARWcC--:------:allow

    This change will allow consistency in the inheritance of
    ACE_EXECUTE permissions for all ACL entries.

MANPAGE DIFFS

$ diff zfs.txt.new zfs.txt 677,679c677,679 < passthrough, except that all ACEs inherit the execute < permission only if the file creation mode also requests < the execute bit. --- > passthrough, except that the owner@, group@, and every- > one@ ACEs inherit the execute permission only if the > file creation mode also requests the execute bit.

6. Resources and Schedule
    6.4. Steering Committee requested information
        6.4.1. Consolidation C-team Name:
               ON
    6.5. ARC review type: FastTrack
    6.6. ARC Exposure: open
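Review bot: The operands in `diff zfs.txt.new zfs.txt` are given new-then-old, so in the 677,679c677,679 hunk the `<` lines carry the proposed "all ACEs" wording and the `>` lines carry the current owner@/group@/everyone@ wording, which reads backwards to anyone scanning it as a normal old-to-new diff. Regenerate it as `diff zfs.txt zfs.txt.new` so the proposed text appears on the `>` side. Separately, the new sentence says "all ACEs" while every entry in the case's examples is an allow ACE; the manpage text should state whether deny entries are covered by the same rule.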
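The EXAMPLES section above, reproduced as a small model (an added example, not code from the case or from ZFS): it applies only the execute-bit rule of "passthrough-x" to the file-inheritable ACEs from the directory listing, under the current and the proposed behavior, and flags entries that grant execute on a file created without it. The function names, and reading "requests the execute bit" as any of the three mode x bits being set, are assumptions; the rest of ZFS's mode/ACL reconciliation is not modelled.

```python
# Model of the passthrough-x execute-bit rule (illustrative; not ZFS code).
SPECIAL = ("owner@", "group@", "everyone@")

# File-inheritable ACEs copied from the directory listing in the case.
DIR_ACES = [
    "owner@:rwxpdDaARWcC--:f-i---:allow",
    "group@:--------------:f-i---:allow",
    "everyone@:--------------:f-i---:allow",
    "user:henson:rwxpdDaARWcC--:f-i---:allow",
    "group:cpp:rwxpdDaARWcC--:f-i---:allow",
]


def parse(ace):
    """Split a compact `ls -V` ACE into (who, perms, flags, type)."""
    who, perms, flags, kind = ace.rsplit(":", 3)
    return who, perms, flags, kind


def inherit_file(dir_aces, mode, all_aces):
    """ACEs a new file inherits under passthrough-x.

    all_aces=False: current behavior, execute is stripped from the three
    special ACEs only. all_aces=True: proposed behavior, every ACE.
    Assumption: any x bit in `mode` counts as requesting execute.
    """
    wants_x = bool(mode & 0o111)
    result = []
    for ace in dir_aces:
        who, perms, flags, kind = parse(ace)
        if flags[0] != "f":          # entry is not file_inherit
            continue
        if not wants_x and (all_aces or who in SPECIAL):
            perms = perms[:2] + "-" + perms[3:]   # third column is execute
        result.append(f"{who}:{perms}:------:{kind}")
    return result


def unwanted_execute(file_aces, mode):
    """Allow ACEs granting execute on a file whose mode has no x bit."""
    if mode & 0o111:
        return []
    return [a for a in file_aces
            if parse(a)[3] == "allow" and parse(a)[1][2] == "x"]


if __name__ == "__main__":
    for label, flag in (("current", False), ("proposed", True)):
        aces = inherit_file(DIR_ACES, 0o666, flag)   # touch requests 0666
        print(label, *aces, sep="\n    ")
        print("  unwanted execute:", unwanted_execute(aces, 0o666))
```

Running `unwanted_execute` over ACEs parsed from real `ls -V` output is one way to find data files that picked up execute through non-special entries before the change.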