Re: ACLS on UFS2 from FreeBSD 5.1-RELEASE install.

From: Robert Watson <rwatson_at_freebsd.org>
Date: Tue, 5 Aug 2003 10:46:47 -0400 (EDT)
On 2 Aug 2003, Scott M. Likens wrote:

> Has anyone noticed the ACLS being disabled? 
> 
> tunefs -p /dev/da1s1c shows that ACLS are disabled on every partition I
> have, i've gone through them all. 
> 
> any reason why? 

Yes -- they are disabled by default because they're not required by most
users, and as a new (and slightly experimental) feature, involve a
slightly greater risk of problems.  I believe I added support to
sysinstall to enable ACLs during the partition process; if not, you can
enable them later using tunefs.  One of the difficulties associated with
ACLs is that not all applications understand them -- while the failure
mode is predictable and relatively clean, it means that you may sometimes
lose ACLs on objects when they are replaced by an application without ACL
support.  For example, some applications will move a file out of the way
and create a new copy when updating a file -- if they don't understand
ACLs, they can't propagate the ACL from the old object to the new object.
Also, several of the base system utilities (such as mv) don't currently
propagate ACLs.  I hope to fix up a number of them for 5.3, but I suspect
we'll bump into such programs once in a while as we move forwards.

Most of the performance loss associated with ACLs on UFS1 have been
eliminated through UFS2, which is a point in favor of enabling ACLs by
default. 

Once they've settled for some time and the feedback is all looking good,
we might choose to enable them by default.  Disabling by default is
consistent with several other systems also supporting ACLs. 

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert_at_fledge.watson.org      Network Associates Laboratories
Received on Tue Aug 05 2003 - 05:46:53 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:17 UTC