Hello, OCFS2 mount option 'acl' is a small trap for users. When xattr feature is not enabled and 'acl' mount option is specified, it is just silently cleared during mount. IMHO that's not a good behavior - when admin requests ACLs and we are not able to provide them, we should just fail the mount. The trap is even more dangerous because the mount command is not aware that we've cleared the 'acl' mount option and thus it records in /etc/mtab that the filesystem is mounted with 'acl' mount option. So the output of mount command looks as if ACLs were really in use. The only way to find out they are not is to look into /proc/mounts or to try to get/set some ACL. Attached patch makes the mount fail if 'acl' mount option is specified but xattr feature is disabled. Honza -- Jan Kara <jack at suse.cz> SUSE Labs, CR -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-ocfs2-Fail-the-mount-when-acl-mount-option-is-spe.patch Type: text/x-patch Size: 2512 bytes Desc: not available Url : http://oss.oracle.com/pipermail/ocfs2-devel/attachments/20090914/bef0a2a5/attachment.bin
On Mon, Sep 14, 2009 at 04:56:22PM +0200, Jan Kara wrote:> OCFS2 mount option 'acl' is a small trap for users. When xattr feature > is not enabled and 'acl' mount option is specified, it is just silently > cleared during mount. IMHO that's not a good behavior - when admin requests > ACLs and we are not able to provide them, we should just fail the mount.See http://www.mail-archive.com/ocfs2-devel at oss.oracle.com/msg03836.html for previous discussion. Joel -- Life's Little Instruction Book #450 "Don't be afraid to say, 'I need help.'" Joel Becker Principal Software Developer Oracle E-mail: joel.becker at oracle.com Phone: (650) 506-8127