RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 2137866 - [RFE] ls: Add support for NFSv4 style ACLs [rhel-9]
Summary: [RFE] ls: Add support for NFSv4 style ACLs [rhel-9]
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: coreutils
Version: 9.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Kamil Dudka
QA Contact: Radka Brychtova
URL:
Whiteboard:
Depends On:
Blocks: 2158747
TreeView+ depends on / blocked
 
Reported: 2022-10-26 13:00 UTC by Ondrej
Modified: 2023-05-09 10:18 UTC (History)
1 user (show)

Fixed In Version: coreutils-8.32-34.el9
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 2158747 (view as bug list)
Environment:
Last Closed: 2023-05-09 08:15:47 UTC
Type: Bug
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
patch adding the requested functionality (1.18 KB, text/plain)
2022-10-26 13:00 UTC, Ondrej 		no flags Details
patch adding the requested functionality (final version) (4.94 KB, patch)
2022-11-24 17:30 UTC, Ondrej 		no flags Details | Diff
Show Obsolete (1) View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHELPLAN-137646 0 None None None 2022-10-26 13:11:18 UTC
Red Hat Product Errata RHBA-2023:2475 0 None None None 2023-05-09 08:15:54 UTC

Description Ondrej 2022-10-26 13:00:39 UTC 
Created attachment 1920489 [details]
patch adding the requested functionality

Description of problem:
This is duplicate of #767584

When I add NFSv4 style ACL rights to the file or directory, those are not
visible as the "+" sign in the permissions column in the ls -l listing.

Attaching a proposed patch which adds the requested functionality
Comment 2 Kamil Dudka 2022-10-31 07:25:03 UTC 
Ondrej, thank you for posting the patch upstream!  Let's continue the discussion there:

    https://lists.gnu.org/archive/html/bug-gnulib/2022-10/msg00031.html
Comment 3 Ondrej 2022-11-08 17:31:34 UTC 
Hello,
The Gnulib maintainers are not too willing to accept the patch (which I sort of understand as it should be really in libacl). Hence I submitted a different patch against libacl which works the same way.
Unfortunately, I can't get any reply from the libacl maintainer (Andreas Gruenbacher) - is there anything that I can do?
Thanks.
Comment 4 Ondrej 2022-11-24 17:30:09 UTC 
Created attachment 1927142 [details]
patch adding the requested functionality (final version)

Attaching a final version of the patch implementing checks for non-trivial ACLs returned by NFSv4 server.
Tested under various conditions against Netapp and Linux based NFSv4 server.
Works OK to me.

Also submitted upstream to bug-gnulib and also incorporated few suggestions from Andreas Gruenbacher (libacl maintainer).

I am also attaching the code here in hope it's not forgotten because currently GNUlib/coreutils ignores v4 ACLs completely which is pity
Comment 5 Kamil Dudka 2022-11-25 14:05:58 UTC 
Ondrej, thank you for working on this with gnulib upstream!  I will try to cherry-pick your commit(s) from there once they are merged.
Comment 6 Ondrej 2022-12-23 17:29:44 UTC 
Hi Kamil,
The patch has finally been accepted by the upstream Gnulib maintainers (it took a while to sort out the paper work), kindly please take a look at it:

commit b0604a8e134dbcc307c0ffdd5ebd3693e9de7081
Author: Ondrej Valousek <ondrej.valousek.xm>
Date:   Fri Dec 2 13:40:19 2022 +0100

    file-has-acl: Basic support for checking NFSv4 ACLs in Linux.
    
    * lib/acl-internal.h (acl_nfs4_nontrivial): New declaration.
    * lib/acl-internal.c (acl_nfs4_nontrivial): New function.
    * lib/file-has-acl.c: Include <arpa/inet.h>.
    (XATTR_NAME_NFSV4_ACL, TRIVIAL_NFS4_ACL_MAX_LENGTH): New macros.
    (file_has_acl): Test for NFSv4 ACLs.
    * doc/acl-nfsv4.txt: New file.

Thanks.
Comment 7 Kamil Dudka 2022-12-23 17:56:07 UTC 
Well done, will try to pick it from there.
Comment 9 Kamil Dudka 2023-01-02 12:51:45 UTC 
Fixed in coreutils-9.1-10.fc38 and coreutils-9.1-7.fc37 for now:
https://src.fedoraproject.org/rpms/coreutils/c/ad57d2b8e82e890a766412caf5014fcc77b00c93?branch=rawhide
https://src.fedoraproject.org/rpms/coreutils/c/f338c12bfa958ff994bec168cb8f6c83eb0b40f3?branch=f37
Comment 10 Kamil Dudka 2023-01-04 13:28:54 UTC 
CentOS Stream Merge Request:
https://gitlab.com/redhat/centos-stream/rpms/coreutils/-/merge_requests/12
Comment 12 Ondrej 2023-01-05 13:44:08 UTC 
Works OK in Fedora 37, thanks
Comment 13 Kamil Dudka 2023-01-05 13:57:30 UTC 
Perfect,  thank you for testing it!
Comment 15 Ondrej 2023-01-06 12:36:43 UTC 
Thanks!
Is there any chance to have it also backported to RHEL-8?
Comment 16 Kamil Dudka 2023-01-06 13:03:04 UTC 
From technical point of view, it should be easy.  There are no significant changes between RHEL-8 and RHEL-9 in the code in question.  I will clone the bug for evaluation...
Comment 23 errata-xmlrpc 2023-05-09 08:15:47 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (coreutils bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2023:2475
Note You need to log in before you can comment on or make changes to this bug.