We are seeing strange behavior with the current versions of XFS when using a
large number of ACEs in a combination of Access and Default ACEs. When one
creates enough entries so that you have exactly 21 ACEs in an ACL and then you
try to create 21 or more ACEs in the 'other' ACL on a directory, the operation
will fail. It often panics the system. Any subsequent access attempt to that
directory will also panic the system. Note the number of ACEs counted includes
the u,g,m,o entries if they are present.
Another very interesting note is that, if you create enough entries so that you
have a total number of ACEs greater than 21 (or less than 21), there is no
problem creating the 'other' ACL entries until you reach the XFS limit of 25
entrys.
It may be a problem caused by trying to fit the ACL into the inode... but I'm
much too confused right now to be sure ;->
Andreas:
As a side note: there seems to be a difficulty using the current userspace
tools to make any ACEs when you have more than 16 already created. The 17th
will seem to be created fine (with setfacl -d -m u:a17:rw ./test_dir) but a
subsequent getfacl call will return 'argument too long'. If you _don't_ check
the ACL with getfacl, the next use of setfacl will yield the same error,
'argument too long'. XFS _should_ allow a total of 25 ACEs in the Access ACL
and 25 ACEs in the Default ACL. (And older versions of the tools (2.0.4) seem
to work)
--
John M. Trostel
Senior Software Engineer
Quantum Corp. / NASD
jtrostel@xxxxxxxxxxxxxx
|