[OpenAFS] user-visible change suggestion for fs setacl

[Stephen Joyce]

On Tue, 16 Dec 2008, Tom Maher wrote:

> What's the semantics for negative ACLs?  For example,
>
> fs sa . system:authuser rl
> fs sa . badguy +rl -negative
>
> I'm guessing that'll give badguy negative "rl" bits.

Makes sense to me.

> Should 'fs sa . badguy -rl' implicitly give him negative "rl" bits, if
> he doesn't have anything already?

That doesn't make sense to me. I'd suggest that -<perm> should never add 
permissions, only remove. So it should just clear the perms if they're set 
and do nothing if not. To add the negative flags, do what you suggested 
above.

My $0.02.

Cheers,
Stephen.