Skip to content
Snippets Groups Projects
Select Git revision
  • master default
1 result
Search by author
  • Any Author
  • Christer Einmo Andersen Christer Einmo Andersen cea
  • Erik Sørnes Erik Sørnes ejs
  • Geir Larsen Geir Larsen gel
  • Jon Frederick Frøystad Jon Frederick Frøystad jff
  • Jørgen Langgåt Jørgen Langgåt jhl
  • Morten Pedersen Morten Pedersen mp
  • Thomas H. Espe Thomas H. Espe te
  • Tore Clemetsen Tore Clemetsen toc
8 authors
  1. May 13, 2013
  3. Jul 18, 2012
    • Liam Gretton's avatar
      allow spaces in principal names · ae091661
      Liam Gretton authored 
      
Change the behaviour of nfs4_setfacl slightly to allow it to add, remove
and modify ACLs which act on principals containing space characters.

The rationale behind this is to allow us to use nfs4_setfacl on a file
system which is shared via CIFS to Windows clients and NFSv4. Though
very rare in a Unix environment, Windows commonly uses user names (and
hence principals derived from them) which contain spaces. A
particularly common one is 'Domain Admins', the handling of which
prompted me to look at modifying the nfs4_setfacl command.

As of 0.3.3 of nfs4-acl-tools, nfs4_setfacl fails to handle ACLs
containing a space character no matter what attempts to quote the ACE
or escape the space character:

Scanning ACE string 'A:fdg:Domain' failed.
Failed while inserting ACE(s) (at index 1).

(exit status 1.)

Scanning ACE string 'A:fdg:Domain' failed.
Failed while inserting ACE(s) (at index 1).

(exit status 1.)

The attached patch modifies the parsing of the command line and
disallows space as an ACE delimiter. The patched version completes
successfully:

A:fdg:Domain Admins@le.ac.uk:rtncy

ACEs can be chained with commas, but no longer with spaces. With the
-A, -X, -S or -e options which expect a file containing ACLs, ACEs can
be separated with tabs, newlines and/or carriage returns as before.

As there's a slight change in behaviour, the patch also modifies one of
the examples given in the EXAMPLES section of nfs4_setfacl(1) and the
text of the 'ACL FORMAT' section of nfs4_acl.

The patches don't modify any version numbers or dates.

Signed-off-by: default avatarJ. Bruce Fields <bfields@redhat.com>
      ae091661
  5. Aug 16, 2011
  7. Aug 05, 2011
  9. Sep 15, 2009
    • Brian De Wolf's avatar
      allow parsing ACEs with empty masks · 75053cc0
      Brian De Wolf authored 
      
After upgrading from 0.3.2 to 0.3.3 to fix some segfaulting issues we
had, 0.3.3 now rejects ACEs that have empty mask fields.  This is
because the function parse_alloc_fields checks whether the three strings
are zero length.  Having a zero length "type" or "who" definitely
doesn't make sense, but having an empty mask is entirely possible.  It's
allowed in the old versions and the ZFS back-end in our setup allows
them too.  Even nfs4_getfacl prints them out, producing the frustrating
situation where nfs4_getfacl can produce ACLs that you can't apply with
nfs4_setfacl.

This patch modifies the function to not check if the mask is an empty
string.

Signed-off-by: default avatarJ. Bruce Fields <bfields@citi.umich.edu>
      75053cc0
  11. Dec 03, 2008
  13. Aug 22, 2008