|
|
Heads up: ACL changes
Date: Mon, 13 Feb 2006 10:20:27 -0700
From: Mark Shellenbaum <Mark dot Shellenbaum at Sun dot COM>
To: on-all at Sun dot COM, onnv-gate at onnv dot eng dot sun dot com
Subject: Heads up: ACL changes
If you don't use ACLs, you can probably delete this message.
With the putback of:
PSARC/2006/043 ls -V
PSARC 2006/047 acl_totext
PSARC/2006/048 Compact chmod ACL syntax
6362641 tar does not store ACLs in a suitable format
6379909 Need compact ACL utility support for NFSv4/ZFS
Users of ZFS and UFS ACLs should be aware of the following issues:
1. For ZFS ACLs, the order of the inheritance flags and access type
fields have been swapped.
The new order of the fields is as follows:
entry_type : permissions [:inherit flags] : access type
For example: (these are all equivalent)
$ chmod A+user:fred:read_data/write_data:file_inherit:allow dir
$ chmod A+user:fred:rw------------:f-----:allow dir
$ chmod A+user:fred:rw:f:allow dir
if you don't have any inheritance flags to set then the
following can be used. (these are all equivalent)
$ chmod A+user:fred:read_data/write_data:allow file
$ chmod A+user:fred:rw------------:------:allow file
$ chmod A+user:fred:rw::allow file
$ chmod A+user:fred:rw:allow file
2. For UFS and ZFS the standard archivers (tar/cpio) are now using a new
ACLformat when archiving of ACLs. This new format has some issues
you should be aware of:
- ACLs on UFS tar/cpio archives created with the preserve ACL
option (-p for tar, -P for cpio) on older Solaris releases are
preserved when extracted on a Solaris Nevada system.
- UFS tar/cpio archives created with the preserve ACL option
(-p for tar, -P for cpio) on a Solaris Nevada system lose
their ACLs when the archive is extracted on an older Solaris
release.
All of the files will be extracted with the correct file
modes, but the ACLs will be dropped. This will occur until
the necessary changes have been backported.
Additionally, the archivers require an updated version of
libsec.so.1.
As usual, bfu does the right thing.
|