From d682ce6b768c83b1f95afb0537c36e82339f66cd Mon Sep 17 00:00:00 2001 From: Aneesh Kumar K.V Date: Wed, 18 Nov 2009 13:56:24 +0530 Subject: [PATCH 5/5] richacl: Print additional information regarding always allowed access mask Posix system always allow ACE4_SYNCHRONIZE, ACE4_READ_ATTRIBUTES and ACE4_READ_ACL access. So a deny entry with these access mask don't actually result in a deny. We want to allow kernel to store these deny entries so that nfs server can deny these access as per nfsv4.1 RFC. But on local file system we always allow the access Signed-off-by: Aneesh Kumar K.V --- lib/richacl.c | 15 ++++++++++++++- 1 files changed, 14 insertions(+), 1 deletions(-) diff --git a/lib/richacl.c b/lib/richacl.c index 245121c..dd54c3a 100644 --- a/lib/richacl.c +++ b/lib/richacl.c @@ -606,7 +606,6 @@ char *richacl_to_text(const struct richacl *acl, int fmt) write_acl_flags(buffer, acl->a_flags, fmt); if (fmt & RICHACL_TEXT_SHOW_MASKS) { unsigned int allowed = 0; - fmt2 = fmt; richacl_for_each_entry(ace, acl) { if (richace_is_inherit_only(ace)) @@ -653,6 +652,13 @@ char *richacl_to_text(const struct richacl *acl, int fmt) write_ace_flags(buffer, ace->e_flags, fmt2); buffer_sprintf(buffer, ":"); write_type(buffer, ace->e_type); + if (ace->e_mask & ACE4_POSIX_ALWAYS_ALLOWED && + (!(fmt2 & RICHACL_TEXT_SIMPLIFY))) { + buffer_sprintf(buffer, "\t# "); + write_mask(buffer, ace->e_mask & ACE4_POSIX_ALWAYS_ALLOWED, + RICHACL_TEXT_LONG); + buffer_sprintf(buffer, " (Not evaluated on local file system)"); + } buffer_sprintf(buffer, "\n"); } @@ -993,6 +999,13 @@ struct richacl *richacl_from_text(const char *str, int *pflags, if (!type_str) goto fail; str = c; + /* Look for comments */ + c = strchr(str, '#'); + if (c) { + /* we have additonal info in the line */ + c = strchr(str, '\n'); + str = c; + } if (mask_from_text(mask_str, &mask, error)) goto fail_einval; -- 1.6.5.2.74.g610f9