RE: Problems with the lack of a real RO bit with Samba ...
Richard: Please define "an appropriate ACL on the file". Yes, it could have significant impact. Is there are problem with the current way it's set (RO == owner "r" mode)? Ken Ken Cross Network Storage Solutions Phone 865.675.4070 ext 31 [EMAIL PROTECTED] > -Original Message- > From: > [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] > amba.org] On Behalf Of Richard Sharpe > Sent: Wednesday, February 19, 2003 5:22 PM > To: [EMAIL PROTECTED] > Subject: Problems with the lack of a real RO bit with Samba ... > > > Hi, > > I am currently engaged in a debate about the desirability of > implementing > a real RO bit in our file system (we already have HIDDEN, SYSTEM, and > ARCHIVE bits). The problem with RO is that it requires some real > semantics, and you have to worry about UNIX semantics when files are > shared between Windows and UNIX. > > The current proposal is to do something like what Samba does, > synthesize > the RO bit with ACLs on the file/object. > > Now, Windows has a RO bit and ACLS, and you can have ACLs on > the file that > give everyone WRITE access, while the RO bit gives no one > WRITE access. > > My question is, is anyone aware of any real application that would be > confused if the RO bit were synthesized by setting an > appropriate ACL on > the file? > > I am aware that this could mean that if an inappropriate ACL > were added to > the file, perhaps by mistake (when setting ACLs on all files > in a tree), > the RO bit could disappear. > > Regards > - > Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, > sharpe[at]ethereal.com, http://www.richardsharpe.com >
RE: Problems with the lack of a real RO bit with Samba ...
On Wed, 19 Feb 2003, Ken Cross wrote: > Richard: > > Please define "an appropriate ACL on the file". That I am not sure of yet :-) > Yes, it could have significant impact. Is there are problem with the > current way it's set (RO == owner "r" mode)? In our file system, UNIX permission bits are synthesized from ACLs on the file objects :-) Can you give me an idea of the 'significant impact'? I am trying to convince our file system guys that we need a separate RO attribute to accompany the other attributes (like Hidden, System, etc). Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: Problems with the lack of a real RO bit with Samba ...
Richard Sharpe wrote: Now, Windows has a RO bit and ACLS, and you can have ACLs on the file that give everyone WRITE access, while the RO bit gives no one WRITE access. My question is, is anyone aware of any real application that would be confused if the RO bit were synthesized by setting an appropriate ACL on the file? The Windows NT 4.0 "replication" Service is confused by the way that the RO bit works now. It copies the attribute to the destination directory, and then has problem because it can not deal with the fact that it no longer has permission to modify the file, even if it does not have to change the file. I do not know if Windows 2000 has that feature. I have seen reports on this list of applications playing with the Archive bit and getting confused when it does not work right. The same may be true of the Readonly bit. However since SAMBA is not doing it the Microsoft Windows way, there will likely be confusion no matter what you do. I recommend erring on the side of compatability with Microsoft Windows. I am aware that this could mean that if an inappropriate ACL were added to the file, perhaps by mistake (when setting ACLs on all files in a tree), the RO bit could disappear. On OpenVMS, You can give some entries in an ACL a "PROTECTED" attribute. Then it is harder to have such accidents. Of course that makes "PROTECTED" attributes a pain to work with at times. -John [EMAIL PROTECTED] Personal Opinion Only
Re: Problems with the lack of a real RO bit with Samba ...
Richard Sharpe wrote: On Wed, 19 Feb 2003, Ken Cross wrote: Yes, it could have significant impact. Is there are problem with the current way it's set (RO == owner "r" mode)? That does not match the way it works on an NT server. And there is a significant difference. In our file system, UNIX permission bits are synthesized from ACLs on the file objects :-) Can you give me an idea of the 'significant impact'? I am trying to convince our file system guys that we need a separate RO attribute to accompany the other attributes (like Hidden, System, etc). RO is special. On Windows NT, It has precedence over all other attributes. Even "Administrator" access can not override RO. So for the filesystem to work correctly with SAMBA as PC users would expect, not only do you need a RO permision, you need logic to make sure that it overrides all other ACLs that would otherwise grant write access. It is probably sufficient to leave that "root" can override readonly, but nothing else should be able to, or it will not function as PC users expect. I am assuming that this is a LINUX filesystem that you are designing? -John [EMAIL PROTECTED] Personal Opinion Only
Re: Problems with the lack of a real RO bit with Samba ...
On Wed, 19 Feb 2003, John E. Malmberg wrote: > Richard Sharpe wrote: > > On Wed, 19 Feb 2003, Ken Cross wrote: > > > >>Yes, it could have significant impact. Is there are problem with the > >>current way it's set (RO == owner "r" mode)? > > That does not match the way it works on an NT server. And there is a > significant difference. Indeed ... > > In our file system, UNIX permission bits are synthesized from ACLs on the > > file objects :-) > > > > Can you give me an idea of the 'significant impact'? > > > > I am trying to convince our file system guys that we need a separate RO > > attribute to accompany the other attributes (like Hidden, System, etc). > > RO is special. On Windows NT, It has precedence over all other > attributes. Even "Administrator" access can not override RO. > > So for the filesystem to work correctly with SAMBA as PC users would > expect, not only do you need a RO permision, you need logic to make sure > that it overrides all other ACLs that would otherwise grant write access. > > It is probably sufficient to leave that "root" can override readonly, > but nothing else should be able to, or it will not function as PC users > expect. Actually, we squash root as well. The test for RO has to be done before any access permisions are checked. > I am assuming that this is a LINUX filesystem that you are designing? Nope. I am not designing it, but we are doing a file system that supports Windows and UNIX access, along with high-bandwidth IO. Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: Problems with the lack of a real RO bit with Samba ...
Richard Sharpe wrote: On Wed, 19 Feb 2003, John E. Malmberg wrote: I am assuming that this is a LINUX filesystem that you are designing? Nope. I am not designing it, but we are doing a file system that supports Windows and UNIX access, along with high-bandwidth IO. Now I am curious. Is this an open-source project or a private one? -John [EMAIL PROTECTED] Personal Opinion Only
