From patchwork Sat May 14 14:44:31 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Trond Myklebust X-Patchwork-Id: 12849845 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 105A1C4332F for ; Sat, 14 May 2022 14:51:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233419AbiENOvO (ORCPT ); Sat, 14 May 2022 10:51:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45694 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233700AbiENOvD (ORCPT ); Sat, 14 May 2022 10:51:03 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 538423466D for ; Sat, 14 May 2022 07:50:44 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id E36AD60F69 for ; Sat, 14 May 2022 14:50:43 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id F057CC34117; Sat, 14 May 2022 14:50:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1652539843; bh=4H5VhiOzuNnAER7m+K0HBmbaoSkrPy7gUzvAMCNReZY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Eu9viniaghDuWVypbYsj+6tty4DGUlf4dR3SWs5qTpInQ0saUnFE0/8hWD26NJYaS +6h3dNTNPmL2917+ZB7cR6E0/Kh0YxzInrp7w2lyc0+1PYMkemVQYhBSH5OeYrV/xL CWBymxxlC588ANYAeODzOX/38yK36S9/ERU0/YJU5NsvudZA08rzGyAxc7PtorimCZ 3B+QYb3TzVANqGBtDyMr5JwDxDhxEa3txevRsC96nHrxMUsjpPdUVBYm1GQN4YzC6a I7VhFNgZ7eq5DX/ltxEy5BJ0PDdP+2H+P+0V4+WgOy6eYpKCcy4eZ1Wkazcq7YzRbw nH+ZiHVlilPzg== From: trondmy@kernel.org To: Steve Dickson , "J.Bruce Fields" Cc: linux-nfs@vger.kernel.org Subject: [PATCH 1/6] libnfs4acl: Add helpers to set the dacl and sacl Date: Sat, 14 May 2022 10:44:31 -0400 Message-Id: <20220514144436.4298-2-trondmy@kernel.org> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20220514144436.4298-1-trondmy@kernel.org> References: <20220514144436.4298-1-trondmy@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org From: Trond Myklebust Add helper functions to set the NFSv4.1 dacl and sacl attributes. Signed-off-by: Trond Myklebust --- include/libacl_nfs4.h | 9 +++++ libnfs4acl/Makefile | 2 + libnfs4acl/nfs4_getacl.c | 83 ++++++++++++++++++++++++++++++++++++++++ libnfs4acl/nfs4_setacl.c | 49 ++++++++++++++++++++++++ 4 files changed, 143 insertions(+) create mode 100644 libnfs4acl/nfs4_getacl.c create mode 100644 libnfs4acl/nfs4_setacl.c diff --git a/include/libacl_nfs4.h b/include/libacl_nfs4.h index d3786c3fabdc..76bbe90af54d 100644 --- a/include/libacl_nfs4.h +++ b/include/libacl_nfs4.h @@ -123,6 +123,8 @@ /* NFS4 acl xattr name */ #define ACL_NFS4_XATTR "system.nfs4_acl" +#define DACL_NFS4_XATTR "system.nfs4_dacl" +#define SACL_NFS4_XATTR "system.nfs4_sacl" /* Macro for finding empty tailqs */ #define TAILQ_IS_EMPTY(head) (head.tqh_first == NULL) @@ -152,6 +154,13 @@ TAILQ_HEAD(ace_container_list_head, ace_container); /**** Public functions ****/ +extern struct nfs4_acl * nfs4_getacl(const char *path); +extern struct nfs4_acl * nfs4_getdacl(const char *path); +extern struct nfs4_acl * nfs4_getsacl(const char *path); +extern int nfs4_setacl(const char *path, struct nfs4_acl *acl); +extern int nfs4_setdacl(const char *path, struct nfs4_acl *acl); +extern int nfs4_setsacl(const char *path, struct nfs4_acl *acl); + /** Manipulation functions **/ extern int acl_nfs4_set_who(struct nfs4_ace*, int, char*); extern struct nfs4_acl * acl_nfs4_copy_acl(struct nfs4_acl *); diff --git a/libnfs4acl/Makefile b/libnfs4acl/Makefile index a598d4ee141f..556b59535e26 100644 --- a/libnfs4acl/Makefile +++ b/libnfs4acl/Makefile @@ -92,6 +92,8 @@ LIBACL_NFS4_CFILES = \ nfs4_get_ace_access.c \ nfs4_get_ace_flags.c \ nfs4_get_ace_type.c \ + nfs4_getacl.c \ + nfs4_setacl.c \ nfs4_insert_file_aces.c \ nfs4_insert_string_aces.c \ nfs4_free_acl.c \ diff --git a/libnfs4acl/nfs4_getacl.c b/libnfs4acl/nfs4_getacl.c new file mode 100644 index 000000000000..753ba9167459 --- /dev/null +++ b/libnfs4acl/nfs4_getacl.c @@ -0,0 +1,83 @@ +/* + * Copyright (c) 2022, Trond Myklebust + * + * This code is free software; you can redistribute it and/or modify + * it under the terms of the GNU LESSER GENERAL PUBLIC LICENSE + * version 2.1 as published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU LESSER GENERAL PUBLIC LICENSE for more details. + */ + +#include +#include +#ifdef HAVE_ATTR_XATTR_H +# include +#else +# ifdef HAVE_SYS_XATTR_H +# include +# endif +#endif +#include +#include "libacl_nfs4.h" + +/* returns a newly-allocated struct nfs4_acl or NULL on error. */ +static struct nfs4_acl *nfs4_getacl_byname(const char *path, + const char *xattr_name) +{ + struct nfs4_acl *acl; + struct stat st; + void *buf; + ssize_t ret; + u32 iflags = NFS4_ACL_ISFILE; + + if (path == NULL || *path == 0) { + errno = EFAULT; + return NULL; + } + + /* find necessary buffer size */ + ret = getxattr(path, xattr_name, NULL, 0); + if (ret == -1) + goto err; + + buf = malloc(ret); + if (!buf) + goto err; + + /* reconstruct the ACL */ + ret = getxattr(path, xattr_name, buf, ret); + if (ret == -1) + goto err_free; + + ret = stat(path, &st); + if (ret == -1) + goto err_free; + + if (S_ISDIR(st.st_mode)) + iflags = NFS4_ACL_ISDIR; + + acl = acl_nfs4_xattr_load(buf, ret, iflags); + + free(buf); + return acl; +err_free: + free(buf); +err: + return NULL; +} + +struct nfs4_acl *nfs4_getacl(const char *path) +{ + return nfs4_getacl_byname(path, ACL_NFS4_XATTR); +} +struct nfs4_acl *nfs4_getdacl(const char *path) +{ + return nfs4_getacl_byname(path, DACL_NFS4_XATTR); +} +struct nfs4_acl *nfs4_getsacl(const char *path) +{ + return nfs4_getacl_byname(path, SACL_NFS4_XATTR); +} diff --git a/libnfs4acl/nfs4_setacl.c b/libnfs4acl/nfs4_setacl.c new file mode 100644 index 000000000000..298365ec67c5 --- /dev/null +++ b/libnfs4acl/nfs4_setacl.c @@ -0,0 +1,49 @@ +/* + * Copyright (c) 2022, Trond Myklebust + * + * This code is free software; you can redistribute it and/or modify + * it under the terms of the GNU LESSER GENERAL PUBLIC LICENSE + * version 2.1 as published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU LESSER GENERAL PUBLIC LICENSE for more details. + */ + +#include +#include +#ifdef HAVE_ATTR_XATTR_H +# include +#else +# ifdef HAVE_SYS_XATTR_H +# include +# endif +#endif +#include "libacl_nfs4.h" + +static int nfs4_setacl_byname(const char *path, const char *xattr_name, + struct nfs4_acl *acl) +{ + char *xdrbuf = NULL; + int ret; + + ret = acl_nfs4_xattr_pack(acl, &xdrbuf); + if (ret != -1) + ret = setxattr(path, xattr_name, xdrbuf, ret, XATTR_REPLACE); + free(xdrbuf); + return ret; +} + +int nfs4_setacl(const char *path, struct nfs4_acl *acl) +{ + return nfs4_setacl_byname(path, ACL_NFS4_XATTR, acl); +} +int nfs4_setdacl(const char *path, struct nfs4_acl *acl) +{ + return nfs4_setacl_byname(path, DACL_NFS4_XATTR, acl); +} +int nfs4_setsacl(const char *path, struct nfs4_acl *acl) +{ + return nfs4_setacl_byname(path, SACL_NFS4_XATTR, acl); +} From patchwork Sat May 14 14:44:32 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Trond Myklebust X-Patchwork-Id: 12849846 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2C60BC43219 for ; Sat, 14 May 2022 14:51:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233490AbiENOvQ (ORCPT ); Sat, 14 May 2022 10:51:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45698 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233707AbiENOvD (ORCPT ); Sat, 14 May 2022 10:51:03 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9198517ABC for ; Sat, 14 May 2022 07:50:46 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 4F6D7B808CF for ; Sat, 14 May 2022 14:50:45 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 914EFC340EE; Sat, 14 May 2022 14:50:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1652539844; bh=WEC8PsRGlYw3jcNP/Ogg7WlmDdggce5Cl0kX0a7nASo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=RqvmXh5yHPLQGg4+OKwINl5mk5x74HeZvygiiGIWIMk3+QnOWm/2MmjRYsyYgjYoc sPslKIhzEhFbI6k5Z0UxuscpTxRphsPzA0MglAnLSpk57rrH2HJmym7NyoYyRmhclG IMs6UdCNWIBNp6J1I2cs79rOIbS/GhH/OiieeKNk586jVC3wOTpQiyHA+w8NR/UplK RhE17UiirkL1mfE9PfN+wKeLj4pLro4cLWoUvfXM/TKisfq7bVDL5yv7Inqvigqc5y zvqcR5SHgpmaSufORgK+b71+2YT5rxn+Lq1wXuoMLwdQrKLCEK9GoQSOL1DcDXW/xh cUBNN86IRgYig== From: trondmy@kernel.org To: Steve Dickson , "J.Bruce Fields" Cc: linux-nfs@vger.kernel.org Subject: [PATCH 2/6] libnfs4acl: Add support for the NFS4.1 ACE_INHERITED_ACE flag Date: Sat, 14 May 2022 10:44:32 -0400 Message-Id: <20220514144436.4298-3-trondmy@kernel.org> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20220514144436.4298-2-trondmy@kernel.org> References: <20220514144436.4298-1-trondmy@kernel.org> <20220514144436.4298-2-trondmy@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org From: Trond Myklebust Use the letter 'I' to represent an inherited ACE. Signed-off-by: Trond Myklebust --- include/libacl_nfs4.h | 1 + include/nfs4.h | 1 + libnfs4acl/nfs4_ace_from_string.c | 3 +++ libnfs4acl/nfs4_get_ace_flags.c | 2 ++ nfs4_getfacl/nfs4_getfacl.c | 1 + 5 files changed, 8 insertions(+) diff --git a/include/libacl_nfs4.h b/include/libacl_nfs4.h index 76bbe90af54d..d54d82f94f97 100644 --- a/include/libacl_nfs4.h +++ b/include/libacl_nfs4.h @@ -54,6 +54,7 @@ #define FLAG_SUCCESSFUL_ACCESS 'S' #define FLAG_FAILED_ACCESS 'F' #define FLAG_GROUP 'g' +#define FLAG_INHERITED 'I' #define PERM_READ_DATA 'r' #define PERM_WRITE_DATA 'w' diff --git a/include/nfs4.h b/include/nfs4.h index da6eefb7fbc6..20bfa6b99634 100644 --- a/include/nfs4.h +++ b/include/nfs4.h @@ -62,6 +62,7 @@ #define NFS4_ACE_SUCCESSFUL_ACCESS_ACE_FLAG 0x00000010 #define NFS4_ACE_FAILED_ACCESS_ACE_FLAG 0x00000020 #define NFS4_ACE_IDENTIFIER_GROUP 0x00000040 +#define NFS4_ACE_INHERITED_ACE 0x00000080 #define NFS4_ACE_READ_DATA 0x00000001 #define NFS4_ACE_LIST_DIRECTORY 0x00000001 diff --git a/libnfs4acl/nfs4_ace_from_string.c b/libnfs4acl/nfs4_ace_from_string.c index ab8401ae0629..7f1315434435 100644 --- a/libnfs4acl/nfs4_ace_from_string.c +++ b/libnfs4acl/nfs4_ace_from_string.c @@ -209,6 +209,9 @@ struct nfs4_ace * nfs4_ace_from_string(char *ace_buf, int is_dir) case FLAG_GROUP: flags |= NFS4_ACE_IDENTIFIER_GROUP; break; + case FLAG_INHERITED: + flags |= NFS4_ACE_INHERITED_ACE; + break; default: fprintf(stderr,"Bad Ace Flag:%c\n", *field); goto out_free; diff --git a/libnfs4acl/nfs4_get_ace_flags.c b/libnfs4acl/nfs4_get_ace_flags.c index 1d28ed4b5196..1f27d17ad4cd 100644 --- a/libnfs4acl/nfs4_get_ace_flags.c +++ b/libnfs4acl/nfs4_get_ace_flags.c @@ -53,6 +53,8 @@ char* nfs4_get_ace_flags(struct nfs4_ace *ace, char *buf) *buf++ = FLAG_FAILED_ACCESS;; if (flags & NFS4_ACE_IDENTIFIER_GROUP) *buf++ = FLAG_GROUP; + if (flags & NFS4_ACE_INHERITED_ACE) + *buf++ = FLAG_INHERITED; *buf = '\0'; return bp; diff --git a/nfs4_getfacl/nfs4_getfacl.c b/nfs4_getfacl/nfs4_getfacl.c index e068095b0d6b..1222dd907c9e 100644 --- a/nfs4_getfacl/nfs4_getfacl.c +++ b/nfs4_getfacl/nfs4_getfacl.c @@ -170,6 +170,7 @@ static void more_help() " 'S' successful-access\n" " 'F' failed-access\n" " 'g' group (denotes that is a group)\n" + " 'I' inherited\n" "\n" " * - named user or group, or one of: \"OWNER@\", \"GROUP@\", \"EVERYONE@\"\n" "\n" From patchwork Sat May 14 14:44:33 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Trond Myklebust X-Patchwork-Id: 12849847 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 911A4C4167B for ; Sat, 14 May 2022 14:51:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233491AbiENOvQ (ORCPT ); Sat, 14 May 2022 10:51:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45382 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233701AbiENOvD (ORCPT ); Sat, 14 May 2022 10:51:03 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 875533466E for ; Sat, 14 May 2022 07:50:45 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 2570360F47 for ; Sat, 14 May 2022 14:50:45 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 30D94C34115; Sat, 14 May 2022 14:50:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1652539844; bh=odlxsU29+JDC0Rk+rXa/UZjb+s1xQTrvBiI3D4noiOA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=SHSCLUFn15LnWbcsIaNdo4TLIO4yGL7yQ3Knn1VmkoUU4efVHqTkv06LHCY29f/tL wysCv0FpVIIqBWcefiO5H11CVssbnR4ErjsGmNZ04k2k34fptMvH9wSaYjaIU7zdZn 7q+8C93/IVC1jAPI2sEwtXcUC5/u8AUqbQNxJtG+t/iBBySEEu16p4w8zGQRaGCB7z vWsKRqVsZ+amxuw+/78Vjt/DpDfA/F1kG2voVQvOWCOEyVBklNVjDSGNqPlvvIPbBI S9X4meRhozHm3ESWOpRrtcK6VpNaI/yVsRZMCJgLy++4Jbcl0Jbewj8bavS5Fo1zao pJBDKRHJGSoAA== From: trondmy@kernel.org To: Steve Dickson , "J.Bruce Fields" Cc: linux-nfs@vger.kernel.org Subject: [PATCH 3/6] The NFSv41 DACL and SACL prepend an extra field to the acl Date: Sat, 14 May 2022 10:44:33 -0400 Message-Id: <20220514144436.4298-4-trondmy@kernel.org> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20220514144436.4298-3-trondmy@kernel.org> References: <20220514144436.4298-1-trondmy@kernel.org> <20220514144436.4298-2-trondmy@kernel.org> <20220514144436.4298-3-trondmy@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org From: Trond Myklebust The ACL flags describe the inheritance mode of the acl: - AUTO_INHERIT - PROTECTED - DEFAULTED Signed-off-by: Trond Myklebust --- include/libacl_nfs4.h | 8 ++++++++ include/nfs4.h | 5 +++++ libnfs4acl/acl_nfs4_copy_acl.c | 2 ++ libnfs4acl/acl_nfs4_xattr_load.c | 14 +++++++++++++- libnfs4acl/acl_nfs4_xattr_pack.c | 22 +++++++++++++++++----- libnfs4acl/nfs4_getacl.c | 11 ++++++----- libnfs4acl/nfs4_new_acl.c | 1 + libnfs4acl/nfs4_setacl.c | 10 +++++----- 8 files changed, 57 insertions(+), 16 deletions(-) diff --git a/include/libacl_nfs4.h b/include/libacl_nfs4.h index d54d82f94f97..a486390ac170 100644 --- a/include/libacl_nfs4.h +++ b/include/libacl_nfs4.h @@ -142,6 +142,12 @@ typedef u_int32_t u32; +enum acl_type { + ACL_TYPE_ACL, + ACL_TYPE_DACL, + ACL_TYPE_SACL +}; + enum { ACL_NFS4_NOT_USED = 0, ACL_NFS4_USED }; @@ -166,7 +172,9 @@ extern int nfs4_setsacl(const char *path, struct nfs4_acl *acl); extern int acl_nfs4_set_who(struct nfs4_ace*, int, char*); extern struct nfs4_acl * acl_nfs4_copy_acl(struct nfs4_acl *); extern struct nfs4_acl * acl_nfs4_xattr_load(char *, int, u32); +extern struct nfs4_acl * acl_nfs41_xattr_load(char *, int, u32, enum acl_type); extern int acl_nfs4_xattr_pack(struct nfs4_acl *, char**); +extern int acl_nfs41_xattr_pack(struct nfs4_acl *, char**, enum acl_type); extern int acl_nfs4_xattr_size(struct nfs4_acl *); extern void nfs4_free_acl(struct nfs4_acl *); diff --git a/include/nfs4.h b/include/nfs4.h index 20bfa6b99634..d15482e8a720 100644 --- a/include/nfs4.h +++ b/include/nfs4.h @@ -55,6 +55,10 @@ #define ACL4_SUPPORT_AUDIT_ACL 0x04 #define ACL4_SUPPORT_ALARM_ACL 0x08 +#define NFS4_ACL_AUTO_INHERIT 0x00000001 +#define NFS4_ACL_PROTECTED 0x00000002 +#define NFS4_ACL_DEFAULTED 0x00000004 + #define NFS4_ACE_FILE_INHERIT_ACE 0x00000001 #define NFS4_ACE_DIRECTORY_INHERIT_ACE 0x00000002 #define NFS4_ACE_NO_PROPAGATE_INHERIT_ACE 0x00000004 @@ -126,6 +130,7 @@ struct nfs4_acl { u_int32_t naces; u_int32_t is_directory; struct ace_list_head ace_head; + u_int32_t aclflag; }; typedef struct { char data[NFS4_VERIFIER_SIZE]; } nfs4_verifier; diff --git a/libnfs4acl/acl_nfs4_copy_acl.c b/libnfs4acl/acl_nfs4_copy_acl.c index cf09173badc0..7a6d83b1ca64 100644 --- a/libnfs4acl/acl_nfs4_copy_acl.c +++ b/libnfs4acl/acl_nfs4_copy_acl.c @@ -54,6 +54,8 @@ struct nfs4_acl * acl_nfs4_copy_acl(struct nfs4_acl * acl) if (new_acl == NULL) goto failed; + new_acl->aclflag = acl->aclflag; + ace = nfs4_get_first_ace(acl); nace = 1; diff --git a/libnfs4acl/acl_nfs4_xattr_load.c b/libnfs4acl/acl_nfs4_xattr_load.c index 089a139142b1..c747e8dac225 100644 --- a/libnfs4acl/acl_nfs4_xattr_load.c +++ b/libnfs4acl/acl_nfs4_xattr_load.c @@ -38,7 +38,8 @@ #include "libacl_nfs4.h" -struct nfs4_acl * acl_nfs4_xattr_load(char *xattr_v, int xattr_size, u32 is_dir) +struct nfs4_acl *acl_nfs41_xattr_load(char *xattr_v, int xattr_size, u32 is_dir, + enum acl_type acl_type) { struct nfs4_acl *acl; struct nfs4_ace *ace; @@ -61,6 +62,12 @@ struct nfs4_acl * acl_nfs4_xattr_load(char *xattr_v, int xattr_size, u32 is_dir) return NULL; } + if (acl_type == ACL_TYPE_DACL || acl_type == ACL_TYPE_SACL) { + acl->aclflag = (u32)ntohl(*((u32*)(bufp))); + bufp += sizeof(u32); + bufs -= sizeof(u32); + } + /* Grab the number of aces in the acl */ num_aces = (u32)ntohl(*((u32*)(bufp))); @@ -180,3 +187,8 @@ err1: nfs4_free_acl(acl); return NULL; } + +struct nfs4_acl *acl_nfs4_xattr_load(char *xattr_v, int xattr_size, u32 is_dir) +{ + return acl_nfs41_xattr_load(xattr_v, xattr_size, is_dir, ACL_TYPE_ACL); +} diff --git a/libnfs4acl/acl_nfs4_xattr_pack.c b/libnfs4acl/acl_nfs4_xattr_pack.c index 7c281feed496..2bd3b1b1a229 100644 --- a/libnfs4acl/acl_nfs4_xattr_pack.c +++ b/libnfs4acl/acl_nfs4_xattr_pack.c @@ -37,11 +37,12 @@ #include "libacl_nfs4.h" #include -int acl_nfs4_xattr_pack(struct nfs4_acl * acl, char** bufp) +int acl_nfs41_xattr_pack(struct nfs4_acl * acl, char** bufp, + enum acl_type acl_type) { struct nfs4_ace * ace; int buflen; - int rbuflen; + int rbuflen = 0; int num_aces; int ace_num; int wholen; @@ -58,6 +59,9 @@ int acl_nfs4_xattr_pack(struct nfs4_acl * acl, char** bufp) if (buflen < 0) goto failed; + if (acl_type == ACL_TYPE_DACL || acl_type == ACL_TYPE_SACL) + buflen += sizeof(u32); + *bufp = (char*) malloc(buflen); if (*bufp == NULL) { errno = ENOMEM; @@ -67,11 +71,17 @@ int acl_nfs4_xattr_pack(struct nfs4_acl * acl, char** bufp) p = *bufp; + if (acl_type == ACL_TYPE_DACL || acl_type == ACL_TYPE_SACL) { + *((u32*)p) = htonl(acl->aclflag); + rbuflen += sizeof(u32); + p += sizeof(u32); + } + num_aces = acl->naces; *((u32*)p) = htonl(num_aces); - rbuflen = sizeof(u32); + rbuflen += sizeof(u32); p += sizeof(u32); ace = nfs4_get_first_ace(acl); @@ -140,5 +150,7 @@ failed: return -1; } - - +int acl_nfs4_xattr_pack(struct nfs4_acl * acl, char** bufp) +{ + return acl_nfs41_xattr_pack(acl, bufp, ACL_TYPE_ACL); +} diff --git a/libnfs4acl/nfs4_getacl.c b/libnfs4acl/nfs4_getacl.c index 753ba9167459..7821da3885fe 100644 --- a/libnfs4acl/nfs4_getacl.c +++ b/libnfs4acl/nfs4_getacl.c @@ -25,7 +25,8 @@ /* returns a newly-allocated struct nfs4_acl or NULL on error. */ static struct nfs4_acl *nfs4_getacl_byname(const char *path, - const char *xattr_name) + const char *xattr_name, + enum acl_type type) { struct nfs4_acl *acl; struct stat st; @@ -59,7 +60,7 @@ static struct nfs4_acl *nfs4_getacl_byname(const char *path, if (S_ISDIR(st.st_mode)) iflags = NFS4_ACL_ISDIR; - acl = acl_nfs4_xattr_load(buf, ret, iflags); + acl = acl_nfs41_xattr_load(buf, ret, iflags, type); free(buf); return acl; @@ -71,13 +72,13 @@ err: struct nfs4_acl *nfs4_getacl(const char *path) { - return nfs4_getacl_byname(path, ACL_NFS4_XATTR); + return nfs4_getacl_byname(path, ACL_NFS4_XATTR, ACL_TYPE_ACL); } struct nfs4_acl *nfs4_getdacl(const char *path) { - return nfs4_getacl_byname(path, DACL_NFS4_XATTR); + return nfs4_getacl_byname(path, DACL_NFS4_XATTR, ACL_TYPE_DACL); } struct nfs4_acl *nfs4_getsacl(const char *path) { - return nfs4_getacl_byname(path, SACL_NFS4_XATTR); + return nfs4_getacl_byname(path, SACL_NFS4_XATTR, ACL_TYPE_SACL); } diff --git a/libnfs4acl/nfs4_new_acl.c b/libnfs4acl/nfs4_new_acl.c index 78d4c28e474b..0a5583af3bc5 100644 --- a/libnfs4acl/nfs4_new_acl.c +++ b/libnfs4acl/nfs4_new_acl.c @@ -50,6 +50,7 @@ nfs4_new_acl(u32 is_dir) acl->naces = 0; acl->is_directory = is_dir; + acl->aclflag = 0; TAILQ_INIT(&acl->ace_head); diff --git a/libnfs4acl/nfs4_setacl.c b/libnfs4acl/nfs4_setacl.c index 298365ec67c5..d68450220757 100644 --- a/libnfs4acl/nfs4_setacl.c +++ b/libnfs4acl/nfs4_setacl.c @@ -23,12 +23,12 @@ #include "libacl_nfs4.h" static int nfs4_setacl_byname(const char *path, const char *xattr_name, - struct nfs4_acl *acl) + struct nfs4_acl *acl, enum acl_type type) { char *xdrbuf = NULL; int ret; - ret = acl_nfs4_xattr_pack(acl, &xdrbuf); + ret = acl_nfs41_xattr_pack(acl, &xdrbuf, type); if (ret != -1) ret = setxattr(path, xattr_name, xdrbuf, ret, XATTR_REPLACE); free(xdrbuf); @@ -37,13 +37,13 @@ static int nfs4_setacl_byname(const char *path, const char *xattr_name, int nfs4_setacl(const char *path, struct nfs4_acl *acl) { - return nfs4_setacl_byname(path, ACL_NFS4_XATTR, acl); + return nfs4_setacl_byname(path, ACL_NFS4_XATTR, acl, ACL_TYPE_ACL); } int nfs4_setdacl(const char *path, struct nfs4_acl *acl) { - return nfs4_setacl_byname(path, DACL_NFS4_XATTR, acl); + return nfs4_setacl_byname(path, DACL_NFS4_XATTR, acl, ACL_TYPE_DACL); } int nfs4_setsacl(const char *path, struct nfs4_acl *acl) { - return nfs4_setacl_byname(path, SACL_NFS4_XATTR, acl); + return nfs4_setacl_byname(path, SACL_NFS4_XATTR, acl, ACL_TYPE_SACL); } From patchwork Sat May 14 14:44:34 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Trond Myklebust X-Patchwork-Id: 12849843 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 56431C43217 for ; Sat, 14 May 2022 14:51:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233439AbiENOvP (ORCPT ); Sat, 14 May 2022 10:51:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45762 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233705AbiENOvD (ORCPT ); Sat, 14 May 2022 10:51:03 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BBFF934674 for ; Sat, 14 May 2022 07:50:45 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 5A22460F70 for ; Sat, 14 May 2022 14:50:45 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id C8E83C34116; Sat, 14 May 2022 14:50:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1652539845; bh=d9LhUJRq5+rDWcd7ORCDZXtKzVKUehbDccHatHbEXFU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=C0E6aCjgqVH8GsKt+gNel+MOzrNPiSmSW8PytWZOpDMr/jAe1pbRycL+g5r0zp7GX +9brzwDaCXYw/spMesjaNgZFA2xr51ir5mnzPo1F3+B7Q9N08JAhJgblIWaja+aMn+ a2nWpVEBEFOLueYvu8unQmkWGuTdGSctwoiMyeg/L7dvJdzs43dd0UQmEb00ozqUmM 72VroZZ+VBNbsBTutbLypy4cjRJo6TH8+Vj1IhbPoayvjK9ir7morZYA3U+iPpK3+T 03CFH6/QIPyPVpazrCc7nkPDDiCWVKBDADy/cOJb8sY9OmjnMkrwSjTmNhYS/JrTNj fAMprxx2ThupA== From: trondmy@kernel.org To: Steve Dickson , "J.Bruce Fields" Cc: linux-nfs@vger.kernel.org Subject: [PATCH 4/6] nfs4_getacl: Add support for the --dacl and --sacl options Date: Sat, 14 May 2022 10:44:34 -0400 Message-Id: <20220514144436.4298-5-trondmy@kernel.org> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20220514144436.4298-4-trondmy@kernel.org> References: <20220514144436.4298-1-trondmy@kernel.org> <20220514144436.4298-2-trondmy@kernel.org> <20220514144436.4298-3-trondmy@kernel.org> <20220514144436.4298-4-trondmy@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org From: Trond Myklebust Add support for the NFSv4.1 dacl and sacl attributes. Signed-off-by: Trond Myklebust --- nfs4_getfacl/nfs4_getfacl.c | 72 +++++++++++++++++++++++++++++++++---- 1 file changed, 65 insertions(+), 7 deletions(-) diff --git a/nfs4_getfacl/nfs4_getfacl.c b/nfs4_getfacl/nfs4_getfacl.c index 1222dd907c9e..954cf7edb19a 100644 --- a/nfs4_getfacl/nfs4_getfacl.c +++ b/nfs4_getfacl/nfs4_getfacl.c @@ -42,15 +42,30 @@ #include #include +#define OPT_DACL 0x98 +#define OPT_SACL 0x99 + static void usage(int); static void more_help(); static char *execname; -static void print_acl_from_path(); +static void print_acl_from_path(const char *, enum acl_type); static int ignore_comment = 0; -static int recursive(const char *fpath, const struct stat *sb, int tflag, struct FTW *ftwbuf) +static int print_acl(const char *fpath, const struct stat *sb, int tflag, struct FTW *ftwbuf) +{ + print_acl_from_path(fpath, ACL_TYPE_ACL); + return 0; +} + +static int print_dacl(const char *fpath, const struct stat *sb, int tflag, struct FTW *ftwbuf) { - print_acl_from_path(fpath); + print_acl_from_path(fpath, ACL_TYPE_DACL); + return 0; +} + +static int print_sacl(const char *fpath, const struct stat *sb, int tflag, struct FTW *ftwbuf) +{ + print_acl_from_path(fpath, ACL_TYPE_SACL); return 0; } @@ -59,6 +74,8 @@ static struct option long_options[] = { {"help", 0, 0, 'h' }, {"recursive", 0, 0, 'R' }, {"omit-header", 0, 0, 'c'}, + {"dacl", 0, 0, OPT_DACL}, + {"sacl", 0, 0, OPT_SACL}, { NULL, 0, 0, 0, }, }; @@ -66,6 +83,9 @@ int main(int argc, char **argv) { int opt, res = 1; int do_recursive = 0; + int (*recursive)(const char *fpath, const struct stat *sb, + int tflag, struct FTW *ftwbuf) = print_acl; + enum acl_type type = ACL_TYPE_ACL; execname = basename(argv[0]); @@ -88,6 +108,14 @@ int main(int argc, char **argv) case 'c': ignore_comment = 1; break; + case OPT_DACL: + type = ACL_TYPE_DACL; + recursive = print_dacl; + break; + case OPT_SACL: + type = ACL_TYPE_SACL; + recursive = print_sacl; + break; case 'h': usage(1); res = 0; @@ -111,23 +139,51 @@ int main(int argc, char **argv) printf("Invalid filename: %s\n", argv[optind]); } else - print_acl_from_path(argv[optind]); + print_acl_from_path(argv[optind], type); res = 0; } out: return res; } -static void print_acl_from_path(const char *fpath) +static void print_acl_from_path(const char *fpath, enum acl_type type) { struct nfs4_acl *acl; - acl = nfs4_acl_for_path(fpath); + + switch (type) { + case ACL_TYPE_ACL: + acl = nfs4_getacl(fpath); + break; + case ACL_TYPE_DACL: + acl = nfs4_getdacl(fpath); + break; + case ACL_TYPE_SACL: + acl = nfs4_getsacl(fpath); + break; + } + if (acl != NULL) { if (ignore_comment == 0) printf("# file: %s\n", fpath); nfs4_print_acl(stdout, acl); printf("\n"); nfs4_free_acl(acl); + } else { + switch (errno) { + case ENODATA: + fprintf(stderr,"Attribute not found on file: %s\n", + fpath); + break; + case EREMOTEIO: + fprintf(stderr,"An NFS server error occurred.\n"); + break; + case EOPNOTSUPP: + fprintf(stderr,"Operation to request attribute not " + "supported: %s\n", fpath); + break; + default: + perror("Failed operation"); + } } } @@ -142,7 +198,9 @@ static void usage(int label) " -H, --more-help display ACL format information\n" " -h, --help display this help text\n" " -R, --recursive recurse into subdirectories\n" - " -c, --omit-header Do not display the comment header (Do not print filename)\n"; + " -c, --omit-header Do not display the comment header (Do not print filename)\n" + " --dacl display the NFSv4.1 dacl\n" + " --sacl display the NFSv4.1 sacl\n"; fprintf(stderr, gfusage, execname); } From patchwork Sat May 14 14:44:35 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Trond Myklebust X-Patchwork-Id: 12849848 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C3FF5C433F5 for ; Sat, 14 May 2022 14:51:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233492AbiENOvR (ORCPT ); Sat, 14 May 2022 10:51:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45696 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233708AbiENOvD (ORCPT ); Sat, 14 May 2022 10:51:03 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 45A81D13D for ; Sat, 14 May 2022 07:50:48 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id F30F5B8075F for ; Sat, 14 May 2022 14:50:46 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 67B81C34115; Sat, 14 May 2022 14:50:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1652539845; bh=S5yU+/+BjMk2kG8Zj7fh/VVfqeuexGUHdyMu/3JprrI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=k8x4EscrzEldhcmAMneuM2qinrz3yk7zhPf9BuNiT9ga0F86Sq+cQLTfJblVrL8vO qANOYWqwpscxkCm8VbaWp3SkxsbwtNZltvrrRZMux+LKTd1Dh6obPLMATnyn0GrIBN Ym584yyaFZjTjy5ORVQot6HfkiG+Yc5OtZa2KH709+pAO034VuTDnfzUSH1fgwwZVK IvTc/Bq1aOsbsOjeCRyhgPjNXEOAOhlC+MTvooFlQEHIG1urTCFTyNooubr4Jj7Tlg KJOWHEG2VhE1GvzYWNC5KgD8TYT1PbLUrGb4SWmBrgrZV5tUxiSfmnftItyHT1/4A8 aIeZC6wFZDWTA== From: trondmy@kernel.org To: Steve Dickson , "J.Bruce Fields" Cc: linux-nfs@vger.kernel.org Subject: [PATCH 5/6] nfs4_setacl: Add support for the --dacl and --sacl options Date: Sat, 14 May 2022 10:44:35 -0400 Message-Id: <20220514144436.4298-6-trondmy@kernel.org> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20220514144436.4298-5-trondmy@kernel.org> References: <20220514144436.4298-1-trondmy@kernel.org> <20220514144436.4298-2-trondmy@kernel.org> <20220514144436.4298-3-trondmy@kernel.org> <20220514144436.4298-4-trondmy@kernel.org> <20220514144436.4298-5-trondmy@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org From: Trond Myklebust Add support for the NFSv4.1 dacl and sacl attributes. Signed-off-by: Trond Myklebust --- nfs4_setfacl/nfs4_setfacl.c | 67 +++++++++++++++++++++++++++++++++++-- 1 file changed, 64 insertions(+), 3 deletions(-) diff --git a/nfs4_setfacl/nfs4_setfacl.c b/nfs4_setfacl/nfs4_setfacl.c index d0485ad53024..e5816085c8b0 100644 --- a/nfs4_setfacl/nfs4_setfacl.c +++ b/nfs4_setfacl/nfs4_setfacl.c @@ -79,6 +79,9 @@ #define EDITOR "vi" /* <- evangelism! */ #define u32 u_int32_t +#define OPT_DACL 0x98 +#define OPT_SACL 0x99 + static int apply_action(const char *, const struct stat *, int, struct FTW *); static int do_apply_action(const char *, const struct stat *); static int open_editor(const char *); @@ -110,6 +113,8 @@ static struct option long_options[] = { { "recursive", 0, 0, 'R' }, { "physical", 0, 0, 'P' }, { "logical", 0, 0, 'L' }, + { "dacl", 0, 0, OPT_DACL }, + { "sacl", 0, 0, OPT_SACL }, { NULL, 0, 0, 0, }, }; @@ -124,6 +129,8 @@ static char *mod_string; static char *from_ace; static char *to_ace; +static enum acl_type acl_type = ACL_TYPE_ACL; + /* XXX: things we need to handle: * * - we need some sort of 'purge' operation that completely clears an ACL. @@ -272,6 +279,13 @@ int main(int argc, char **argv) paths[numpaths++] = optarg; break; + case OPT_DACL: + acl_type = ACL_TYPE_DACL; + break; + case OPT_SACL: + acl_type = ACL_TYPE_SACL; + break; + case 'h': case '?': default: @@ -334,6 +348,50 @@ out: return err; } +static void nfs4_print_acl_error(const char *path) +{ + switch (errno) { + case ENODATA: + fprintf(stderr,"Attribute not found on file: %s\n", path); + break; + case EREMOTEIO: + fprintf(stderr,"An NFS server error occurred.\n"); + break; + case EOPNOTSUPP: + fprintf(stderr,"Operation to request attribute not supported: " + "%s\n", path); + break; + default: + perror("Failed operation"); + } +} + +static struct nfs4_acl *nfs4_retrieve_acl(const char *path, + enum acl_type type) +{ + switch (type) { + case ACL_TYPE_DACL: + return nfs4_getdacl(path); + case ACL_TYPE_SACL: + return nfs4_getsacl(path); + default: + return nfs4_getacl(path); + } +} + +static int nfs4_apply_acl(const char *path, struct nfs4_acl *acl, + enum acl_type type) +{ + switch (type) { + case ACL_TYPE_DACL: + return nfs4_setdacl(path, acl); + case ACL_TYPE_SACL: + return nfs4_setsacl(path, acl); + default: + return nfs4_setacl(path, acl); + } +} + /* returns 0 on success, nonzero on failure */ static int apply_action(const char *_path, const struct stat *stat, int flag, struct FTW *ftw) { @@ -378,7 +436,7 @@ static int do_apply_action(const char *path, const struct stat *_st) if (action == SUBSTITUTE_ACTION) acl = nfs4_new_acl(S_ISDIR(st->st_mode)); else - acl = nfs4_acl_for_path(path); + acl = nfs4_retrieve_acl(path, acl_type); if (acl == NULL) { fprintf(stderr, "Failed to instantiate ACL.\n"); @@ -438,8 +496,11 @@ static int do_apply_action(const char *path, const struct stat *_st) if (is_test) { fprintf(stderr, "## Test mode only - the resulting ACL for \"%s\": \n", path); nfs4_print_acl(stdout, acl); - } else - err = nfs4_set_acl(acl, path); + } else { + err = nfs4_apply_acl(path, acl, acl_type); + if (err == -1) + nfs4_print_acl_error(path); + } out: nfs4_free_acl(acl); From patchwork Sat May 14 14:44:36 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Trond Myklebust X-Patchwork-Id: 12849842 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 25ACBC433FE for ; Sat, 14 May 2022 14:51:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233433AbiENOvP (ORCPT ); Sat, 14 May 2022 10:51:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44476 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233712AbiENOvD (ORCPT ); Sat, 14 May 2022 10:51:03 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D49E8186DE for ; Sat, 14 May 2022 07:50:48 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 888BDB808CF for ; Sat, 14 May 2022 14:50:47 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 05A51C340EE; Sat, 14 May 2022 14:50:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1652539846; bh=BXw7iUghJyWb4rcPAbynJX9c0qgkAH1mwcRaEaiKH7s=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=hFl6bu9MBuBuB3imGAK2lcVY+gWJS1hY3HFqV+DDx9IHaoSHHRQBLqu/SnOF2jBeZ GyShfj3JDoaHAcvWLx3S6fzubx7h/HS6fYB6Ld+JodsRebV/P+daN2H2KRvQ0ltuwq hYl/H2xQG5o57pLZ8H3jk+Qj0mxzoOnaAG0mYCEmgEuDEUcKf8wExyzB6Vi2uG+uOW 1OmdIYd43BaqobCae5+kHGsi2P3MQ9+yhIVUOEPAt7pUoh86jZtOOriGgXMvZIrALI r9hwcjiIzmmHQk7RxSPTd1aT3ur7QxN8a0eiUwqHNJgtDTYKwwtnUVtjnX3/eAjWTy ZELJ0Rkuw+Jyw== From: trondmy@kernel.org To: Steve Dickson , "J.Bruce Fields" Cc: linux-nfs@vger.kernel.org Subject: [PATCH 6/6] Edit manpages to document the new --dacl, --sacl and inheritance features Date: Sat, 14 May 2022 10:44:36 -0400 Message-Id: <20220514144436.4298-7-trondmy@kernel.org> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20220514144436.4298-6-trondmy@kernel.org> References: <20220514144436.4298-1-trondmy@kernel.org> <20220514144436.4298-2-trondmy@kernel.org> <20220514144436.4298-3-trondmy@kernel.org> <20220514144436.4298-4-trondmy@kernel.org> <20220514144436.4298-5-trondmy@kernel.org> <20220514144436.4298-6-trondmy@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org From: Trond Myklebust Signed-off-by: Trond Myklebust --- man/man1/nfs4_getfacl.1 | 14 ++++++++++++++ man/man1/nfs4_setfacl.1 | 8 ++++++++ man/man5/nfs4_acl.5 | 10 ++++++++++ 3 files changed, 32 insertions(+) diff --git a/man/man1/nfs4_getfacl.1 b/man/man1/nfs4_getfacl.1 index 7cf7cbf2cd0b..2a618fc356f9 100644 --- a/man/man1/nfs4_getfacl.1 +++ b/man/man1/nfs4_getfacl.1 @@ -34,6 +34,20 @@ flag is specified, .B nfs4_getfacl will not display the comment header (Do not print filename). +If the +.BR --dacl +flag is specified, +.B nfs4_getfacl +will retrieve the dacl. This functionality is only available if +the server supports NFSv4 minor version 1 or newer. + +If the +.BR --sacl +flag is specified, +.B nfs4_getfacl +will retrieve the sacl. This functionality is only available if +the server supports NFSv4 minor version 1 or newer. + The output format for an NFSv4 file ACL, e.g., is: .RS .nf diff --git a/man/man1/nfs4_setfacl.1 b/man/man1/nfs4_setfacl.1 index 7144f0447ef9..47ab517c258c 100644 --- a/man/man1/nfs4_setfacl.1 +++ b/man/man1/nfs4_setfacl.1 @@ -101,6 +101,14 @@ in conjunction with in conjunction with .BR -R / --recursive ", a physical walk skips all symbolic links." .TP +.BR "--dacl" +acts on the dacl only. This functionality is only available if +the server supports NFSv4 minor version 1 or newer. +.TP +.BR "--sacl" +acts on the sacl only. This functionality is only available if +the server supports NFSv4 minor version 1 or newer. +.TP .BR --test display results of .BR COMMAND , diff --git a/man/man5/nfs4_acl.5 b/man/man5/nfs4_acl.5 index e0b2a0a57e8b..7036ab72bc35 100644 --- a/man/man5/nfs4_acl.5 +++ b/man/man5/nfs4_acl.5 @@ -125,6 +125,16 @@ group - indicates that .I principal represents a group instead of a user. .TP +.BR "INHERITED FLAG" " - can be used in any ACE" +.TP +.B I +inherited - indicates that the ACE was inherited from the parent directory. +This flag can only be used with the NFSv4.1 protocol or newer when using the +.BR --dacl +or +.BR --sacl +options. +.TP .BR "INHERITANCE FLAGS" " - can be used in any directory ACE" .TP .B d