+++ This bug was initially created as a clone of Bug #1238558 +++ Description of problem: Although DENY entries handle properly in the acl implementation, it is not displayed in nfs4_getfacl(). Version-Release number of selected component (if applicable): mainline How reproducible: always Steps to Reproduce: 1. Create a volume 2. export the volume through nfs-ganesha 3. mount the volume using nfsv4. 4. set an DENY acl which will create DENY entry in the list using nfs4_setfacl. 5. call nfs4_getfacl(). Actual results: DENY entries are not displayed Expected results: should display DENY entries Additional info: if even it is not displayed, permissions which are not shown in ALLOW entry will be considered as denied ones.
The only know issue here DENY entries won't display when u call nfs4_getfacl(). But DENY entries will handle properly with in the current implementation, i.e there is no functionality issue with DENY entries. The user should understand that if the permission bit is not set in ALLOW entry it should be considered as DENY
Doc text is edited. Please sign off to be included in Known Issues.
Verified the doc text
Moving the devel acks since this bug depends on BZ1251471, that bug depend on another two bugs . So can defer to next release. The fix is only merged on upstream ganesha.
The patch merged in upstream https://review.gerrithub.io/#/c/241287/
# nfs4_getfacl /mnt/acl_test/file2 A::OWNER@:rwatTcCy A::1601:rwatcy D::niels@.eng.blr.redhat.com:rwa A::niels@.eng.blr.redhat.com:tcy A::GROUP@:rwatcy A::EVERYONE@:watcy The deny entry is getting displayed. verified on nfs-ganesha-2.2.0-10.el7rhgs.x86_64
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-0193.html