[OpenAFS] user-visible change suggestion for fs setacl
Wed, 17 Dec 2008 08:07:25 -0500
On 12/17/2008 04:02 AM, Felix Frank wrote:
> On Wed, 17 Dec 2008, Erik Dal=E9n wrote:
>> On Wed, Dec 17, 2008 at 03:09, Stephen Joyce <firstname.lastname@example.org>=
>>> On Tue, 16 Dec 2008, Tom Maher wrote:
>>>> What's the semantics for negative ACLs? For example,
>>>> fs sa . system:authuser rl
>>>> fs sa . badguy +rl -negative
>>>> I'm guessing that'll give badguy negative "rl" bits.
>>> Makes sense to me.
>>>> Should 'fs sa . badguy -rl' implicitly give him negative "rl" bits, =
>>>> he doesn't have anything already?
>>> That doesn't make sense to me. I'd suggest that -<perm> should never =
>>> permissions, only remove. So it should just clear the perms if=20
>>> they're set
>>> and do nothing if not. To add the negative flags, do what you suggest=
>>> My $0.02.
>> Sounds very reasonable to me. My vote for implementing it like this.
> Still doesn't feel devoid of ambiguity, though:
> fs sa . user +rl -negative # sets negative bits
> fs sa . user -rl -negative # takes away negative bits?
> fs sa . user -rl # takes away both negative and positive bits?
> # or positive only? what about neg. then?
> To add more confusion, I find another model conceivable:
> fs sa . user +a # always removes negative bit, adds positive bi=
> fs sa . user -a # always sets negative bit, removes positive bi=
> the drawbacks being painfully obvious.
> In all, with ACLs having one degree of higher complexity than unix=20
> permissions, there probably is no way to make this syntax 100%=20
> intuitively akin to chmod's.
> Thus, the original proposal to use postfix +/- might communicate the
Doesn't seem ambiguous to me at all. If you don't say "-negative", you=20
aren't messing with the negative ACLs; If you do, you're leaving the=20
positive ACLs alone. I'm pretty sure most folks are not even aware of=20
negative ACLs anyway, and those who use them intentionally are (I'm=20
guessing) extremely rare creatures. My two cents. -- Todd_Lewis@unc.edu