Hi! I have few question to developers of VFS ACL modules (acl_tdb and acl_xattr): 1. Do you plan to extend quantity of entries in acl_tdb (now I can write 22 user ACLs plus CREATOR OWNER, CREATOR GROUP, domain users and everyone) 2. Do you plan to fix few ACLs eg. Traverse folder / Execute file (to traverse I need to enable additional permission List folder / read data to traverse through folder), Read attributes seems to be always enabled, Read Extended Attributes seems to be always disabled, the same behaviour is with Write Attributes and Write Extended Attributes, Delete subfolder and files permission works only on files - I cannot remove subfolder. I'm looking forward to hearing from you. Cheers /Adrian Berlin
On Wed, Nov 23, 2011 at 01:15:46PM +0100, adrian.berlin wrote:> Hi! > > I have few question to developers of VFS ACL modules (acl_tdb and acl_xattr): > 1. Do you plan to extend quantity of entries in acl_tdb > (now I can write 22 user ACLs plus CREATOR OWNER, CREATOR GROUP, domain users and everyone)I don't see any limits in acl_tdb. Where are you getting this limit from ?> 2. Do you plan to fix few ACLs eg. Traverse folder / Execute file (to traverse > I need to enable additional permission List folder / read data to traverse through > folder), Read attributes seems to be always enabled, Read Extended Attributes seems > to be always disabled, the same behaviour is with Write Attributes and Write Extended > Attributes, Delete subfolder and files permission works only on files - I cannot remove subfolder.Can you expand on this more ? I need to know what specific bugs you're seeing here. Thanks, Jeremy.
Hi! 1. To check acl_tdb limits I used this script (on Windows): @echo off for /l %%i in (1,1,100000) do ( icacls.exe \\IP_address\smb_share\folder /grant user%%i:F I could write only 22 entries. 2. Please see document on scribd http://www.scribd.com/doc/73654474/vfs-acls Cheers /Adrian Berlin> Dnia 23 listopada 2011 21:39 Jeremy Allison <jra at samba.org> napisa?(a): > > > On Wed, Nov 23, 2011 at 01:15:46PM +0100, adrian.berlin wrote: > > > Hi! > > > > > > I have few question to developers of VFS ACL modules (acl_tdb and acl_xattr): > > > 1. Do you plan to extend quantity of entries in acl_tdb > > > (now I can write 22 user ACLs plus CREATOR OWNER, CREATOR GROUP, domain users and everyone) > > > > I don't see any limits in acl_tdb. Where are you getting this > > limit from ? > > > > > 2. Do you plan to fix few ACLs eg. Traverse folder / Execute file (to traverse > > > I need to enable additional permission List folder / read data to traverse through > > > folder), Read attributes seems to be always enabled, Read Extended Attributes seems > > > to be always disabled, the same behaviour is with Write Attributes and Write Extended > > > Attributes, Delete subfolder and files permission works only on files - I cannot remove subfolder. > > > > Can you expand on this more ? I need to know what specific > > bugs you're seeing here. > > > > Thanks, > > > > Jeremy. > >