RFC 5661 NFS ACL Permission Management (6.4.1)

On an NFS server that supports both mode and ACL, the two must be kept consistent: when the mode is modified the ACL is updated accordingly, and vice versa. When setting either the mode or the ACL the server follows specific rules to avoid conflicting permissions and to keep the access rights semantically equivalent. The server also refuses a request that sets the dacl or sacl attribute at the same time as the acl attribute.
(Summary generated automatically by CSDN.)

6.4 Requirements

An NFS server that supports both mode and ACL must pay particular attention to the mapping between the MODE4_*USR, MODE4_*GRP and MODE4_*OTH bits of the mode and the ACEs whose who field is "OWNER@", "GROUP@" or "EVERYONE@". The goal is that a client sees semantically consistent permissions whether it reads the ACL or the owner, owner_group and mode attributes.

The server that supports both mode and ACL must take care to synchronize the MODE4_*USR, MODE4_*GRP, and MODE4_*OTH bits with the ACEs that have respective who fields of "OWNER@", "GROUP@", and "EVERYONE@". This way, the client can see if semantically equivalent access permissions exist whether the client asks for the owner, owner_group, and mode attributes or for just the ACL.

6.4.1. Setting the Mode and/or ACL Attributes

Where a server supports the sacl or dacl attribute in addition to the acl attribute, it must reject a request that sets the acl attribute together with a dacl or sacl attribute. The error returned is NFS4ERR_ATTRNOTSUPP.

In the case where a server supports the sacl or dacl attribute, in addition to the acl attribute, the server MUST fail a request to set the acl attribute simultaneously with a dacl or sacl attribute. The error to be given is NFS4ERR_ATTRNOTSUPP.

6.4.1.1. Setting Mode and Not ACL

When only the mode attribute is modified, or only the mode_set_masked attribute is modified with a mask that covers the low-order mode bits, so that the low nine bits of the mode are subject to change, and the ACL is not explicitly modified, the acl and dacl attributes must be updated along with the mode. This applies even when the low-order mode bits are the same before and after the change.

When any of the nine low-order mode bits are subject to change, either because the mode attribute was set or because the mode_set_masked attribute was set and the mask included one or more bits from the nine low-order mode bits, and no ACL attribute is explicitly set, the acl and dacl attributes must be modified in accordance with the updated value of those bits. This must happen even if the value of the low-order bits is the same after the mode is set as before.

Note: AUDIT or ALARM ACEs (and therefore any ACEs in the sacl attribute) are not affected by changes to the mode.

Note that any AUDIT or ALARM ACEs (hence any ACEs in the sacl attribute) are unaffected by changes to the mode.

When the permission bits of the mode change, the acl and dacl attributes must be modified accordingly; the conversion method is described in RFC 5661 Section 6.3.2. The ACL attributes should also satisfy the following rules:

In cases in which the permissions bits are subject to change, the acl and dacl attributes MUST be modified such that the mode computed via the method in Section 6.3.2 yields the low-order nine bits (MODE4_R*, MODE4_W*, MODE4_X*) of the mode attribute as modified by the attribute change. The ACL attributes SHOULD also be modified such that:

1) If MODE4_RGRP is not set, no ACE in the ACL other than OWNER@ and EVERYONE@ may grant read permission (ACE4_READ_DATA).
1) If MODE4_RGRP is not set, entities explicitly listed in the ACL other than OWNER@ and EVERYONE@ SHOULD NOT be granted ACE4_READ_DATA.

2) If MODE4_WGRP is not set, no ACE in the ACL other than OWNER@ and EVERYONE@ may grant write permission (ACE4_WRITE_DATA or ACE4_APPEND_DATA).
2) If MODE4_WGRP is not set, entities explicitly listed in the ACL other than OWNER@ and EVERYONE@ SHOULD NOT be granted ACE4_WRITE_DATA or ACE4_APPEND_DATA.

3) If MODE4_XGRP is not set, no ACE in the ACL other than OWNER@ and EVERYONE@ may grant execute permission (ACE4_EXECUTE).
3) If MODE4_XGRP is not set, entities explicitly listed in the ACL other than OWNER@ and EVERYONE@ SHOULD NOT be granted ACE4_EXECUTE.

Beyond the cases listed above, other access mask bits appearing in ALLOW ACEs may also be disabled.

Access mask bits other than those listed above, appearing in ALLOW ACEs, MAY also be disabled.

Note: ACEs with the ACE4_INHERIT_ONLY_ACE flag, AUDIT ACEs and ALARM ACEs do not affect the permissions of the ACL itself. Therefore, when modifying the ACL attributes, it is preferable to leave these ACEs unmodified.
Note that ACEs with the flag ACE4_INHERIT_ONLY_ACE set do not affect the permissions of the ACL itself, nor do ACEs of the type AUDIT and ALARM. As such, it is desirable to leave these ACEs unmodified when modifying the ACL attributes.

Note: the requirement may also be met by discarding the acl and dacl in favour of an ACL that represents only the mode. This is permitted, but the best practice is to preserve as much of the ACL as possible without violating the rules above. The consequence of discarding the ACL is that a file created with a mode attribute cannot inherit the parent directory's ACL.

Also note that the requirement may be met by discarding the acl and dacl, in favor of an ACL that represents the mode and only the mode. This is permitted, but it is preferable for a server to preserve as much of the ACL as possible without violating the above requirements. Discarding the ACL makes it effectively impossible for a file created with a mode attribute to inherit an ACL (see Section 6.4.3).

6.4.1.2. Setting ACL and Not Mode

When the acl or dacl is set and neither the mode nor the mode_set_masked attribute is set, the permission bits of the mode have to be derived from the ACL. In this case the ACL attribute is set as given. The low nine bits of the mode attribute (MODE4_R*, MODE4_W*, MODE4_X*) are modified according to the ACL, using the method in RFC 5661 Section 6.3.2. The three high-order bits of the mode (MODE4_SUID, MODE4_SGID, MODE4_SVTX) remain unchanged.
When setting the acl or dacl and not setting the mode or mode_set_masked attributes, the permission bits of the mode need to be derived from the ACL. In this case, the ACL attribute SHOULD be set as given. The nine low-order bits of the mode attribute (MODE4_R*, MODE4_W*, MODE4_X*) MUST be modified to match the result of the method in Section 6.3.2. The three high-order bits of the mode (MODE4_SUID, MODE4_SGID, MODE4_SVTX) SHOULD remain unchanged.
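The following Python is an added example, not code from RFC 5661 or from any NFS server implementation. It models the two directions described in 6.4.1.1 and 6.4.1.2: `sync_acl_to_mode` rewrites an ACL after a mode change (special identifiers mirror their mode triplet, other listed entities lose what the group bits do not grant, inherit-only/AUDIT/ALARM ACEs are passed through), and `mode_from_acl` derives the low nine mode bits from an ACL. Assumptions: a simplified ACL model with ALLOW ACEs only (one per special identifier, no DENY ordering), and a simplified form of the Section 6.3.2 derivation; the `Ace` type and sample ACL are constructed for the example.

```python
from collections import namedtuple
# Added example, not code from RFC 5661 or any NFS server. Constants carry the RFC
# wire values for the bits used; the ACL model is simplified to ALLOW ACEs plus
# pass-through AUDIT/ALARM ACEs (no DENY ordering is evaluated).
ACE4_ACCESS_ALLOWED_ACE_TYPE, ACE4_ACCESS_DENIED_ACE_TYPE = 0, 1
ACE4_SYSTEM_AUDIT_ACE_TYPE, ACE4_SYSTEM_ALARM_ACE_TYPE = 2, 3
ACE4_INHERIT_ONLY_ACE = 0x8
ACE4_READ_DATA, ACE4_WRITE_DATA, ACE4_APPEND_DATA, ACE4_EXECUTE = 0x1, 0x2, 0x4, 0x20
RWX_MASK = ACE4_READ_DATA | ACE4_WRITE_DATA | ACE4_APPEND_DATA | ACE4_EXECUTE
SPECIAL_SHIFT = {"OWNER@": 6, "GROUP@": 3, "EVERYONE@": 0}  # mode triplet offsets
Ace = namedtuple("Ace", "type flag mask who")  # one nfsace4 entry (constructed type)

def is_effective(ace):
    """ALLOW/DENY ACEs without ACE4_INHERIT_ONLY_ACE are the only ones that
    affect the file's own permissions; AUDIT/ALARM ACEs never do."""
    return (ace.type in (ACE4_ACCESS_ALLOWED_ACE_TYPE, ACE4_ACCESS_DENIED_ACE_TYPE)
            and not ace.flag & ACE4_INHERIT_ONLY_ACE)

def rwx_from_mode(mode, shift):
    """Translate one r/w/x triplet of the mode into ACE access-mask bits."""
    bits = (mode >> shift) & 7
    return ((ACE4_READ_DATA if bits & 4 else 0)
            | (ACE4_WRITE_DATA | ACE4_APPEND_DATA if bits & 2 else 0)
            | (ACE4_EXECUTE if bits & 1 else 0))

def sync_acl_to_mode(acl, mode):
    """Section 6.4.1.1 (mode set, ACL not): special identifiers mirror their
    mode triplet; other listed entities lose what the group bits do not grant;
    inherit-only, AUDIT and ALARM ACEs pass through unchanged."""
    out = []
    for ace in acl:
        if not is_effective(ace) or ace.type != ACE4_ACCESS_ALLOWED_ACE_TYPE:
            out.append(ace)
        elif ace.who in SPECIAL_SHIFT:
            mask = (ace.mask & ~RWX_MASK) | rwx_from_mode(mode, SPECIAL_SHIFT[ace.who])
            out.append(ace._replace(mask=mask))
        else:
            out.append(ace._replace(mask=ace.mask & ~(RWX_MASK & ~rwx_from_mode(mode, 3))))
    return out

def mode_from_acl(acl):
    """Simplified Section 6.3.2 derivation (ALLOW-only assumption): a mode bit
    is set when an effective ALLOW ACE for that special identifier grants it."""
    mode = 0
    for ace in acl:
        if (is_effective(ace) and ace.type == ACE4_ACCESS_ALLOWED_ACE_TYPE
                and ace.who in SPECIAL_SHIFT):
            shift = SPECIAL_SHIFT[ace.who]
            mode |= (4 if ace.mask & ACE4_READ_DATA else 0) << shift
            mode |= (2 if ace.mask & ACE4_WRITE_DATA else 0) << shift
            mode |= (1 if ace.mask & ACE4_EXECUTE else 0) << shift
    return mode
```

After `sync_acl_to_mode`, `mode_from_acl` on the result must equal the requested low nine bits, which is the MUST of 6.4.1.1; the same derivation is what 6.4.1.2 applies when only the ACL was set.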

6.4.1.3. Setting Both ACL and Mode

When a single operation sets both the mode (via either the mode attribute or the mode_set_masked attribute) and the acl or dacl attribute, the server applies them in this order: mode (or mode_set_masked), then ACL. The mode-related attribute is modified first, then the ACL; setting the ACL may in turn change the mode.
When setting both the mode (includes use of either the mode attribute or the mode_set_masked attribute) and the acl or dacl attributes in the same operation, the attributes MUST be applied in this order: mode (or mode_set_masked), then ACL. The mode-related attribute is set as given, then the ACL attribute is set as given, possibly changing the final mode, as described above in Section 6.4.1.2.
