[ACL-Devel] Re: OT: ACLs for Linux

Andreas Gruenbacher a.gruenbacher@bestbits.at
Thu, 13 Apr 2000 00:00:00 +0200 

Linda Walsh wrote:
> 
> Andreas Gruenbacher wrote:
> > We can define a one-block format that fits our current needs until a general
> > attribute storage mechanism exists. For inclusion into the kernel, this seems
> > not good enough (we would get a maximum of about 40 ACL entries on filesystems
> > with 1K blocks). The problem I see is that there is really only one 32-bit value
> > left per inode that we can grab, so we would have to dump our one-block format,
> > breaking compatibility.
> ---
> 
>         Hmmm...We calculate 96 ACLs/1 K block.  1 16-bit mode word, 1 16-bit access
> permission word, and 1 32 byte uid or gid.  8 bytes/entry.  Is more needed than
> that?  As far as the ACL size limit.  IRIX only supports about 25 ACL's total on
> an access list.  None of our customers have needed more than that -- managing
> more gets to be hairy and a group is probably more convenient.  Imagine a
> user-level group editor that either could allow root only to create groups, but a
> group-owner to edit it, or even allowing users to create groups through a SET_CAP
> group editor.

I guess it's up to 30 entries on Irix. Actually, I currently have all the data
on one block: ACL, Default ACL, MAC, CAP. The ACL and Default ACL are equal size
for simplicity right now. Which makes only half as many entries in each. I did
the following layout:

    4 bytes magic number
    4 bytes reference count
  256 bytes MAC
   48 bytes CAP
    4 bytes ACL offsets
   12 bytes reserved
    8 bytes ACL entry counts
  ---
  332 bytes
 1024-
  688 bytes = 2x43 ACL entries

It would also be possible to store the ACL and default ACL on separate blocks
(there also is a pointer for default ACLs in inodes). But I thought it
complicates things and isn't really necessary. The default ACL pointer is also
double-used for big files to store the upper 32 bits of the file size. Quite
ugly.

I don't feel very comfortable with an ACL entry limit of 43 (assuming 1K
blocks). I've heard that everybody seems happy with it on Irix, so it can't be
that bad. This is however a rather low arbirary limit. I would not be surprised
to find people running Linux who are a bit more crazy than the average Irix
user  :-)

As soon as we'll have arbitrary attributes that becomes a non-issue, anyway...

Andreas
 
------------------------------------------------------------------------
 Andreas Gruenbacher, a.gruenbacher@computer.org
 Contact information: http://www.bestbits.at/~ag/
-------------------------------------------------------------------------
Linux ACL Developers List ---  http://acl.bestbits.at/acl-devel/

To unsubscribe, send a message with `unsubscribe acl-devel'
in the message body to majordomo@bestbits.at.
-------------------------------------------------------------------------