Hi,
After looking at the Revised section 5 in the withdrawn
ACL standard, 5.3.1.2 states how a newly created file will
obtain its ACLs.
And indeed, if the ACLs are turned on and a file is created
in a directory which has a default ACL, then the umask
is not supposed to be used at all - only the default ACL and
the operation's mode are to be used.
The rational for this is given in section B.23.5 where it
actually explicitly says that the umask is not to be used.
Looking at the code in fs/xfs/xfs_acl.c and xfs_acl_inherit()
it is doing the right thing.
However, by this stage of setting up the acl the vap->va_mode
has already been changed by the umask !
So there is our bug.
In fs/namei.c (vfs_create(), vfs_mknod() and vfs_mkdir())
it updates the mode with the umask (before we get to see the
mode argument).
There needs to be a test on the directory to see if it
has a default ACL before updating the mode with the umask.
Looking at Andreas' ACL patch, he has in fact patched fs/namei.c
for each case of where umask is used.
If the inode's fs has ACLs turned on
(inode)->i_sb->s_ext_attr_flags & EXT_ATTR_FLAG_POSIX_ACL
then he doesn't use the umask.
Then in the ACL code, he uses the umask if the directory
doesn't have a default ACL.
I'll have a look at ways to fix our code tomorrow.
Cheers,
Tim.
|