Project

General

Profile

Actions

Bug #15027

closed

The ls command should show SIDs instead of ephemeral IDs

Added by Toomas Soome 2 months ago. Updated about 2 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
cmd - userland programs
Start date:
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:
External Bug:
racktop:BSR-11786

Description

There's a change in the Nexenta illumos repo for this, though it needed some work.
See: https://github.com/illumos/illumos-gate/commit/909eccd7b32e38c00ac21a166c43d9a742ba6c16

commit 909eccd7b32e38c00ac21a166c43d9a742ba6c16
Author: Rick Mesta <rick.mesta@nexenta.com>
Date:   Mon Jul 11 13:28:40 2016 -0700

    NEX-1767 ls is unable to display SIDs
    Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
    Reviewed by: Evan Layton <evan.layton@nexenta.com>

The essential functional change is:

  • without "-n" it tries to lookup a name (Unix name or Windows name) and if that fails it will show a SID (not an ephemeral UID or GID)
  • With one "-n" it won't try for a name but will show a SID rather than an ephemeral ID.
  • With two ("-nn") it will show ephemeral IDs. (One rarely wants that.)

Here's what "ls -V" looks like after the fix: (compact form)

$ /etc/gwr/ls -Vd test                     
drwxrwxrwx+ 83 root     Administrators@BUILTIN     149 May  2 19:26 test
    usersid:gwr@racktoplabs.com:rwxpdDaARWcCos:fd-----:allow
    groupsid:Administrators@BUILTIN:rwxpdDaARWcCos:fd-----:allow
              everyone@:rwxpdDaARWc--s:fd-----:allow

$ /etc/gwr/ls -Vdn test                    
drwxrwxrwx+ 83 0        S-1-5-32-544     149 May  2 19:26 test
    usersid:S-1-5-21-2103861846-1878089256-521690406-2060:rwxpdDaARWcCos:fd-----:allow
    groupsid:S-1-5-32-544:rwxpdDaARWcCos:fd-----:allow
              everyone@:rwxpdDaARWc--s:fd-----:allow

$ /etc/gwr/ls -Vdnn test                   
drwxrwxrwx+ 83 0        2147483655     149 May  2 19:26 test
        user:2147483649:rwxpdDaARWcCos:fd-----:allow
       group:2147483655:rwxpdDaARWcCos:fd-----:allow
              everyone@:rwxpdDaARWc--s:fd-----:allow

Here's what "ls -v" looks like after the fix: (full verbose form)

$ /etc/gwr/ls -vd test                     
drwxrwxrwx+ 83 root     Administrators@BUILTIN     149 May  2 19:26 test
     0:usersid:gwr@racktoplabs.com:list_directory/read_data/add_file
         /write_data/add_subdirectory/append_data/read_xattr/write_xattr
         /execute/delete_child/read_attributes/write_attributes/delete
         /read_acl/write_acl/write_owner/synchronize:file_inherit
         /dir_inherit:allow
     1:groupsid:Administrators@BUILTIN:list_directory/read_data/add_file
         /write_data/add_subdirectory/append_data/read_xattr/write_xattr
         /execute/delete_child/read_attributes/write_attributes/delete
         /read_acl/write_acl/write_owner/synchronize:file_inherit
         /dir_inherit:allow
     2:everyone@:list_directory/read_data/add_file/write_data
         /add_subdirectory/append_data/read_xattr/write_xattr/execute
         /delete_child/read_attributes/write_attributes/delete/read_acl
         /synchronize:file_inherit/dir_inherit:allow

$ /etc/gwr/ls -vdn test                    
drwxrwxrwx+ 83 0        S-1-5-32-544     149 May  2 19:26 test
     0:usersid:S-1-5-21-2103861846-1878089256-521690406-2060:list_directory
         /read_data/add_file/write_data/add_subdirectory/append_data
         /read_xattr/write_xattr/execute/delete_child/read_attributes
         /write_attributes/delete/read_acl/write_acl/write_owner
         /synchronize:file_inherit/dir_inherit:allow
     1:groupsid:S-1-5-32-544:list_directory/read_data/add_file/write_data
         /add_subdirectory/append_data/read_xattr/write_xattr/execute
         /delete_child/read_attributes/write_attributes/delete/read_acl
         /write_acl/write_owner/synchronize:file_inherit/dir_inherit:allow
     2:everyone@:list_directory/read_data/add_file/write_data
         /add_subdirectory/append_data/read_xattr/write_xattr/execute
         /delete_child/read_attributes/write_attributes/delete/read_acl
         /synchronize:file_inherit/dir_inherit:allow

$ /etc/gwr/ls -vdnn test                   
drwxrwxrwx+ 83 0        2147483655     149 May  2 19:26 test
     0:user:2147483649:list_directory/read_data/add_file/write_data
         /add_subdirectory/append_data/read_xattr/write_xattr/execute
         /delete_child/read_attributes/write_attributes/delete/read_acl
         /write_acl/write_owner/synchronize:file_inherit/dir_inherit:allow
     1:group:2147483655:list_directory/read_data/add_file/write_data
         /add_subdirectory/append_data/read_xattr/write_xattr/execute
         /delete_child/read_attributes/write_attributes/delete/read_acl
         /write_acl/write_owner/synchronize:file_inherit/dir_inherit:allow
     2:everyone@:list_directory/read_data/add_file/write_data
         /add_subdirectory/append_data/read_xattr/write_xattr/execute
         /delete_child/read_attributes/write_attributes/delete/read_acl
         /synchronize:file_inherit/dir_inherit:allow

Actions #1

Updated by Electric Monk 2 months ago

  • Gerrit CR set to 2406
Actions #2

Updated by Gordon Ross 2 months ago

  • Description updated (diff)
Actions #3

Updated by Toomas Soome about 2 months ago

  • Status changed from In Progress to Pending RTI
Actions #4

Updated by Electric Monk about 2 months ago

  • Status changed from Pending RTI to Closed
  • % Done changed from 0 to 100

git commit fab57d1b740f6df905ebda23c9345ef88a7a046a

commit  fab57d1b740f6df905ebda23c9345ef88a7a046a
Author: Gordon Ross <gwr@racktopsystems.com>
Date:   2022-10-13T15:47:01.000Z

    15027 The ls command should show SIDs instead of ephemeral IDs
    Reviewed by: Matt Barden <mbarden@tintri.com>
    Reviewed by: Sam Zaydel <szaydel@racktopsystems.com>
    Reviewed-by: Jerry Jelinek <gjelinek@racktopsystems.com>
    Portions contributed by: Rick Mesta <rick.mesta@nexenta.com>
    Reviewed by: Evan Layton <evan.layton@nexenta.com>
    Approved by: Dan McDonald <danmcd@mnx.io>

Actions

Also available in: Atom PDF