Open chucklever opened 4 months ago
I started looking at this today. This is a bit tricky since the VFS doesn't return information about why it allowed the open in the first place. To do this right, I suppose we'll need to repeat the permission checks ourselves after the fact, and try to figure out why we were allowed to open the file.
What may be best is to shoot for just covering a large subset of the cases:
If none of the above allow access, then it was probably a POSIX ACE. It's probably best to just return no ACE at that point. We could try to walk the ace, but I'd probably consider that a "phase 2" thing. I'll see if I can hack something together for this.
Wondering if Rick's POSIX ACL draft or the NFSv4 ACL draft itself need to give some guidance on what a server needs to provide for delegation ACEs. I think NFSD ought to be OK returning no ACE for the moment when a POSIX ACL limits OPEN access.
NFSv4.1 delegations (both read and write) can return a list of users that do not need to perform access calls when opening a file. Section 18.16.2 defines these like this:
and
Unfortunately RFC 8881 has little else to say about the semantics of this mechanism. It's not evident yet how many clients support this feature. However, if the file's ACL is easily available at OPEN time, it shouldn't be difficult to extract an ACE and provide it here.
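The "repeat the permission checks after the fact" idea from this thread, as an added user-space sketch (not NFSD code and not part of the original posts). It assumes only mode bits are consulted and returns no ACE whenever a wider ACE could cover a user the mode bits would refuse; `struct deleg_ace` and `pick_deleg_ace` are hypothetical names, and the case list mentioned in the thread is not on this page, so this does not reproduce it.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Access mask bits from the NFSv4 ACE definitions */
#define ACE4_READ_DATA  0x00000001u
#define ACE4_WRITE_DATA 0x00000002u

struct deleg_ace {          /* hypothetical stand-in for nfsace4 */
    const char *who;        /* NULL means "return no ACE" */
    uint32_t    mask;
};

/* rwx bits of one class: shift 6 = owner, 3 = group, 0 = other */
static unsigned cls(unsigned mode, int shift) { return (mode >> shift) & 7u; }

/* need: POSIX bits the open required (4 = read, 2 = write, 6 = both) */
struct deleg_ace pick_deleg_ace(unsigned mode, uint32_t file_uid,
                                uint32_t opener_uid, int opener_in_group,
                                int has_posix_acl, unsigned need)
{
    struct deleg_ace none = { NULL, 0 };
    unsigned o = cls(mode, 6), g = cls(mode, 3), w = cls(mode, 0);
    uint32_t mask = ((need & 4u) ? ACE4_READ_DATA : 0) |
                    ((need & 2u) ? ACE4_WRITE_DATA : 0);

    if (has_posix_acl)                  /* an ACL decided the open */
        return none;
    if (opener_uid == file_uid)         /* owner is judged by owner bits only */
        return (o & need) == need ? (struct deleg_ace){ "OWNER@", mask } : none;
    if ((o & need) != need)             /* GROUP@/EVERYONE@ could match the owner */
        return none;
    if (opener_in_group)
        return (g & need) == need ? (struct deleg_ace){ "GROUP@", mask } : none;
    /* EVERYONE@ also matches group members, so group bits must agree */
    if ((g & need) == need && (w & need) == need)
        return (struct deleg_ace){ "EVERYONE@", mask };
    return none;                        /* opened some other way, e.g. privilege */
}

int main(void)
{
    /* Constructed sample: mode 0604, opener is neither owner nor group member */
    struct deleg_ace a = pick_deleg_ace(0604, 1000, 2000, 0, 0, 4);
    printf("%s\n", a.who ? a.who : "(no ACE)");
    return 0;
}
```

Mode 0604 is the interesting case: "other" may read but the group may not, so handing out EVERYONE@ would let a group member skip an ACCESS call that would have failed.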