aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRyan Moeller <[email protected]>2020-02-04 11:40:08 -0500
committerGitHub <[email protected]>2020-02-04 08:40:07 -0800
commit8c4987c489c842a7dcd2356bdfd53e2aacc33316 (patch)
tree0a08a1cd7d9a3bae4c1c56667dccfdd2bb73e604
parent07bc2bc2319655c0a9dd92f4a732467bfeac4874 (diff)
Restore aclmode and remove acltype on FreeBSD
This replaces the placeholder ZFS_PROP_PRIVATE with ZFS_PROP_ACLMODE, matching what is done in the NFSv4 ACLs PR (#9709). On FreeBSD we hide ZFS_PROP_ACLTYPE, while on Linux we hide ZFS_PROP_ACLMODE. The tests already assume this arrangement. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Alexander Motin <[email protected]> Signed-off-by: Ryan Moeller <[email protected]> Closes #9913
-rw-r--r--include/sys/fs/zfs.h2
-rw-r--r--man/man8/zfsprops.852
-rw-r--r--module/zcommon/zfs_prop.c29
3 files changed, 78 insertions, 5 deletions
diff --git a/include/sys/fs/zfs.h b/include/sys/fs/zfs.h
index 2f35563bc..3e2c00235 100644
--- a/include/sys/fs/zfs.h
+++ b/include/sys/fs/zfs.h
@@ -115,7 +115,7 @@ typedef enum {
ZFS_PROP_READONLY,
ZFS_PROP_ZONED,
ZFS_PROP_SNAPDIR,
- ZFS_PROP_PRIVATE, /* not exposed to user, temporary */
+ ZFS_PROP_ACLMODE,
ZFS_PROP_ACLINHERIT,
ZFS_PROP_CREATETXG,
ZFS_PROP_NAME, /* not exposed to the user */
diff --git a/man/man8/zfsprops.8 b/man/man8/zfsprops.8
index da3280a9f..ba96aefc6 100644
--- a/man/man8/zfsprops.8
+++ b/man/man8/zfsprops.8
@@ -37,7 +37,7 @@
.\" Copyright 2018 Nexenta Systems, Inc.
.\" Copyright 2019 Joyent, Inc.
.\"
-.Dd June 30, 2019
+.Dd January 30, 2020
.Dt ZFSPROPS 8
.Os Linux
.Sh NAME
@@ -599,8 +599,58 @@ accordance to the requested mode from the application.
The
.Sy aclinherit
property does not apply to POSIX ACLs.
+.It Sy aclmode Ns = Ns Sy discard Ns | Ns Sy groupmask Ns | Ns Sy passthrough
+.Ns Sy restricted
+Controls how an
+.Tn ACL
+is modified during
+.Xr chmod 2 .
+This property is not visible on Linux yet.
+.Bl -tag -width "passthrough"
+.It Sy discard
+default, deletes all
+.Tn ACL
+entries that do not represent the mode of the file.
+.It Sy groupmask
+reduces permissions granted in all
+.Em ALLOW
+entried found in the
+.Tn ACL
+such that they are no greater than the group permissions specified by
+.Xr chmod 2 .
+.It Sy passthrough
+indicates that no changes are made to the
+.Tn ACL
+other than creating or updating the necessary
+.Tn ACL
+entries to represent the new mode of the file or directory.
+.It Sy restricted
+will cause the
+.Xr chmod 2
+operation to return an error when used on any file or directory which has
+a non-trivial
+.Tn ACL
+whose entries can not be represented by a mode.
+.Xr chmod 2
+is required to change the set user ID, set group ID, or sticky bits on a file
+or directory, as they do not have equivalent
+.Tn ACL
+entries.
+In order to use
+.Xr chmod 2
+on a file or directory with a non-trivial
+.Tn ACL
+when
+.Sy aclmode
+is set to
+.Sy restricted ,
+you must first remove all
+.Tn ACL
+entries which do not represent the current mode.
+.El
.It Sy acltype Ns = Ns Sy off Ns | Ns Sy noacl Ns | Ns Sy posixacl
Controls whether ACLs are enabled and if so what type of ACL to use.
+This property is not visible on FreeBSD yet.
.Bl -tag -width "posixacl"
.It Sy off
default, when a file system has the
diff --git a/module/zcommon/zfs_prop.c b/module/zcommon/zfs_prop.c
index 506a9bdfe..8dfadfaaf 100644
--- a/module/zcommon/zfs_prop.c
+++ b/module/zcommon/zfs_prop.c
@@ -160,6 +160,14 @@ zfs_prop_init(void)
{ NULL }
};
+ static zprop_index_t acl_mode_table[] = {
+ { "discard", ZFS_ACL_DISCARD },
+ { "groupmask", ZFS_ACL_GROUPMASK },
+ { "passthrough", ZFS_ACL_PASSTHROUGH },
+ { "restricted", ZFS_ACL_RESTRICTED },
+ { NULL }
+ };
+
static zprop_index_t acltype_table[] = {
{ "off", ZFS_ACLTYPE_OFF },
{ "disabled", ZFS_ACLTYPE_OFF },
@@ -330,9 +338,16 @@ zfs_prop_init(void)
zprop_register_index(ZFS_PROP_SNAPDEV, "snapdev", ZFS_SNAPDEV_HIDDEN,
PROP_INHERIT, ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME,
"hidden | visible", "SNAPDEV", snapdev_table);
+#ifdef __FreeBSD__
+ zprop_register_index(ZFS_PROP_ACLMODE, "aclmode", ZFS_ACL_DISCARD,
+ PROP_INHERIT, ZFS_TYPE_FILESYSTEM,
+ "discard | groupmask | passthrough | restricted", "ACLMODE",
+ acl_mode_table);
+#else
zprop_register_index(ZFS_PROP_ACLTYPE, "acltype", ZFS_ACLTYPE_OFF,
PROP_INHERIT, ZFS_TYPE_FILESYSTEM | ZFS_TYPE_SNAPSHOT,
"noacl | posixacl", "ACLTYPE", acltype_table);
+#endif
zprop_register_index(ZFS_PROP_ACLINHERIT, "aclinherit",
ZFS_ACL_RESTRICTED, PROP_INHERIT, ZFS_TYPE_FILESYSTEM,
"discard | noallow | restricted | passthrough | passthrough-x",
@@ -602,9 +617,17 @@ zfs_prop_init(void)
* that we don't have to change the values of the zfs_prop_t enum, or
* have NULL pointers in the zfs_prop_table[].
*/
- zprop_register_hidden(ZFS_PROP_PRIVATE, "priv_prop",
- PROP_TYPE_NUMBER, PROP_READONLY, ZFS_TYPE_FILESYSTEM,
- "PRIV_PROP");
+#ifdef __FreeBSD__
+ zprop_register_impl(ZFS_PROP_ACLTYPE, "acltype", PROP_TYPE_INDEX,
+ ZFS_ACLTYPE_OFF, NULL, PROP_INHERIT,
+ ZFS_TYPE_FILESYSTEM | ZFS_TYPE_SNAPSHOT,
+ "noacl | posixacl", "ACLTYPE", B_FALSE, B_FALSE, acltype_table);
+#else
+ zprop_register_impl(ZFS_PROP_ACLMODE, "aclmode", PROP_TYPE_INDEX,
+ ZFS_ACL_DISCARD, NULL, PROP_INHERIT, ZFS_TYPE_FILESYSTEM,
+ "discard | groupmask | passthrough | restricted", "ACLMODE",
+ B_FALSE, B_FALSE, acl_mode_table);
+#endif
zprop_register_hidden(ZFS_PROP_REMAPTXG, "remaptxg", PROP_TYPE_NUMBER,
PROP_READONLY, ZFS_TYPE_DATASET, "REMAPTXG");