possible NIS/ACL bug?

From: Mark Nipper <nipsy_at_tamu.edu>
Date: Mon, 3 Nov 2003 00:17:58 -0600
	I think I might have found a bug in ACL's under UFS2 with
5.1-RELEASE-p10.  I have been using ACL's successfully for awhile
now, but I'd never played with default ACL's for directories and
files you create underneath said directories until I came across
the daemon news article at:
---
http://ezine.daemonnews.org/200310/acl.html

	Anyway, while playing and following the examples, I think
I may have found a bug in ACL's when using NIS maps.  Here's my
example (extra newline between prompts):
---
nipsy_at_xyz/p0:~/test> getfacl .. | setfacl -M - .

nipsy_at_xyz/p0:~/test> getfacl .
#file:.
#owner:1019
#group:1019
user::rwx
group::r-x
group:nes:r-x
group:loki:r-x
mask::r-x
other::r-x

nipsy_at_xyz/p0:~/test> getfacl .. | setfacl -dM - .

nipsy_at_xyz/p0:~/test> getfacl -d .
#file:.
#owner:1019
#group:1019
user::rwx
group::r-x
group:nes:r-x
group:loki:r-x
mask::r-x
other::r-x

nipsy_at_xyz/p0:~/test> touch something

nipsy_at_xyz/p0:~/test> getfacl something 
#file:something
#owner:1019
#group:1019
user::rw-
group::r-x              # effective: r--
group::r-x              # effective: r--
group::r-x              # effective: r--
mask::r--
other::r--
---

	Uh oh!  It's that last part where there are the two extra
entries for the two ACL added groups, but no GID seems to have
been stored with each entry, whereas the example in the daemon
news article does actually show GID's in these places.

	So I assume this is an NIS/ACL bug of some kind?  Both my
uid and gid as well as both the gid's above (nes and loki) are
mapped via NIS.  If anyone needs me to do anything else, let me
know.  I don't feel nearly competent enough to start debugging
the source for get/setfacl to try to grok any of this.  :)

-- 
Mark Nipper                                                e-contacts:
Computing and Information Services                      nipsy_at_tamu.edu
Texas A&M University                        http://ops.tamu.edu/nipsy/
College Station, TX 77843-3142     AIM/Yahoo: texasnipsy ICQ: 66971617
(979)575-3193                                      MSN: nipsy_at_tamu.edu

-----BEGIN GEEK CODE BLOCK-----
GG/IT d- s++:+ a- C++$ UBL+++$ P--->+++ L+++$ E---
W++ N+ o K++ w(---) O++ M V(--) PS+++(+) PE(--) Y+
PGP++(+) t 5 X R tv b+++ DI+(++) D+ G e h r++ y+(**)
------END GEEK CODE BLOCK------

---begin random quote of the moment---
"Well, if we told you how we did it, then it very well wouldn't
be unbreakable, would it?  You need to trust us with your data.
These are not the backdoors you are looking for."
 -- random /. quote
----end random quote of the moment----
Received on Sun Nov 02 2003 - 21:17:59 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:27 UTC