Re: [nfsv4] Files without ACLs?

["J. Bruce Fields" <bfields at fieldses.org>]

On Wed, Jul 26, 2006 at 12:25:46PM +0200, Andreas Gruenbacher wrote:
> The two strategies I can imagine are to somehow indicate to the client that a 
> particular file "has no ACL", or to make up an ACL which represents the file 
> mode. This case is different from an empty (zero-entry) ACL, for which 
> RFC3530 defines that the result is undefined. (I interpret undefined as 
> either always denied or always allowed, rather than defined by the mask 
> attribute).

It could mean whatever you want, but I think every current
implementation probably takes that to mean a deny, and the current 4.1
draft says it's a deny.  (Assuming it's just a case of reaching the end
of the ACL while still having permission bits neither allowed nor
denied.)

> My interpretation of the definition of the GETATTR is that when the server 
> indicates ACL support it must return ACLs for all files, and it's illegal to 
> not include an ACL in the return value of GETATTR if the client requests the 
> ACL. Is this correct?

I believe that's correct.

--b.

_______________________________________________
nfsv4 mailing list
nfsv4 at ietf.org
https://www1.ietf.org/mailman/listinfo/nfsv4