Project

General

Profile

Actions

Bug #664

closed

Umask masking "deny" ACL entries.

Added by Edward Tomasz Napierala over 10 years ago. Updated over 10 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
kernel
Start date:
2011-01-26
Due date:
% Done:

0%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage
Gerrit CR:

Description

There is a bug regarding inheritance of "deny" entries. It seems their permissions are masked according to umask, just like for "allow" type entries, which means "stricter" umask results in "looser" permissions. Patch (unfortunately from FreeBSD Perforce, so it needs to be applied by hand) attached below:

==== //depot/user/pjd/zfs/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_acl.c#42 (text) ====

@@ -1467,7 +1467,7 @@
                         * Limit permissions to be no greater than
                         * group permissions
                         */
-                       if (zfsvfs->z_acl_inherit == ZFS_ACL_RESTRICTED) {
+                       if (type == ALLOW && zfsvfs->z_acl_inherit == ZFS_ACL_RESTRICTED) {
                                if (!(mode & S_IRGRP))
                                        access_mask &= ~ACE_READ_DATA;
                                if (!(mode & S_IWGRP))


Related issues

Related to illumos gate - Feature #742: Resurrect the ZFS "aclmode" propertyResolvedAlbert Lee2011-02-18

Actions
Actions #1

Updated by Albert Lee over 10 years ago

  • Status changed from New to In Progress
  • Assignee set to Albert Lee

Taking, will address with possible reintroduction of aclmode.

Actions #2

Updated by Gordon Ross over 10 years ago

  • Status changed from In Progress to Resolved
  • Difficulty set to Medium
  • Tags set to needs-triage

changeset: 13370:8c04143bd318
tag: tip
user: Albert Lee <>
date: Sat May 14 00:29:13 2011 -0400
description:
742 Resurrect the ZFS "aclmode" property
664 Umask masking "deny" ACL entries.
279 Bug in the new ACL (post-PSARC/2010/029) semantics
Reviewed by: Aram Hăvărneanu <>
Reviewed by: Gordon Ross <>
Reviewed by: Robert Gordon <>
Reviewed by:
Approved by: Garrett D'Amore <>

Actions

Also available in: Atom PDF