[OpenAFS] ACLs and open-afs
E.Spencer B.
m1esb00@frb.gov
Thu, 10 Oct 2002 13:10:03 -0400 (EDT)
On Thu, 10 Oct 2002, Ray Link wrote:
> On Thu, 10 Oct 2002, E.Spencer B. wrote:
>
> > I'm having a discussion with my co-workers about open-afs. We are aware
> > of the ACL limitations with afs (as far as setting them on directories and
> > not files). My question is can open-afs on a Solaris 2.6 or higher box
> > make use of Solaris ACLs within the open-afs environment using the setfacl
> > and getfacl commands?
>
> No, Solaris ACLs are UFS-only. When attempting to use Solaris ACLs
> within AFS, the acl(2) syscall fails with ENOSYS. According to errno.h,
> that translates to "Unsupported file system operation".
Sorry to hear this, has anyone tried to mod this behavior?
>
> Since AFS runs on multiple platforms, this wouldn't buy you much anyways
> if it worked. What would happen to someone with, say, a Linux client
> that has no notion of Solaris ACLs?
Well, with Solaris ACLs and non-Solaris ACL interpreters like Linux, the
Solaris ACLs are honored (permissions granted or not granted depending on
the Solaris ACL), but you cannot set them from non-Solaris ACL
interpreters like Linux from an NFS mounted Solaris exported filesystem.
Thanks again for the help,
E>Spencer>B