Bug 761438

Summary: [RFE] Add support for NFSv4 style ACLs
Product: Red Hat Enterprise Linux 6 Reporter: Ondrej Valousek <ondrejv>
Component: attrAssignee: Kamil Dudka <kdudka>
Status: CLOSED NOTABUG QA Contact: qe-baseos-daemons
Severity: low Docs Contact:
Priority: unspecified    
Version: 6.1CC: kdudka, mfranc
Target Milestone: rcKeywords: FutureFeature
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-12-14 17:28:05 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ondrej Valousek 2011-12-08 10:45:12 UTC 
Description of problem:

When I add NFSv4 style ACL rights to the file or directory, those are not visible as the "+" sign in the permissions column in the ls -l listing. Do I take it right that glibc is responsible for this functionality?

Thanks
Comment 2 Jeff Law 2011-12-08 16:45:50 UTC 
I'd think this is a coreutils issue rather than a glibc issue.

Presumably the NFS acls are layered on top of traditional ACLs, in which case all the routines from libacl should be usable.

If you run getacl on files/directories with NFSv4 ACLs, are any ACLs reported?

Jeff
Comment 3 Ondrej Valousek 2011-12-14 12:48:02 UTC 
No, getfacl command won't show them. I have to use nfs4_getfacl to display them.
Submitted RFE against coreutils package:
https://bugzilla.redhat.com/show_bug.cgi?id=767584

Ondrej
Comment 4 Kamil Dudka 2011-12-14 17:00:19 UTC 
Both ls(1) and getfacl(1) use libacl to check ACLs.  libacl uses getxattr() to read the raw data.  getxattr() belongs to glibc, but there is only a trivial wrapper around the getxattr syscall.  As far as I understand the problem, there is nothing to fix or improve in glibc.
Comment 5 Kamil Dudka 2011-12-14 17:28:05 UTC 
Actually, libacl uses a getxattr syscall wrapper from libattr.  This issue is  completely unrelated to glibc:

$ gdb -q --args getfacl .
(gdb) break getxattr
(gdb) run
Breakpoint 1, getxattr (path=0x7fffffffd1b0 ".", name=0x3316405db7 "system.posix_acl_access", value=0x7fffffffce30, size=132) at syscalls.c:223
223     {

(gdb) info sym getxattr
getxattr in section .text of /lib64/libattr.so.1

(gdb) list
218             return SYSCALL(__NR_fsetxattr, filedes, name, value, size, flags);
219     }
220
221     ssize_t getxattr (const char *path, const char *name,
222                                     void *value, size_t size)
223     {
224             return SYSCALL(__NR_getxattr, path, name, value, size);
225     }
226
227     ssize_t lgetxattr (const char *path, const char *name,

I am closing this out...