[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <3C7004E8-E732-40C1-B0DD-2A2290E43AC5@pocnet.net>
Date: Mon, 16 Jan 2023 13:25:07 +0100
From: Patrik Schindler <poc@...net.net>
To: Jan Kara <jack@...e.cz>
Cc: linux-ext4@...r.kernel.org, Ted Tso <tytso@....edu>
Subject: Re: ext4: Remove deprecated noacl/nouser_xattr options
Hello Jan,
thanks for your kind response.
Am 16.01.2023 um 11:42 schrieb Jan Kara <jack@...e.cz>:
> On Sun 15-01-23 23:56:21, Patrik Schindler wrote:
>> sorry for contacting you directly, but I struggle to find relevant
>> information on this topic.
>
> This is best discussed on ext4 development mailing list (added to CC).
Am I required to join that list?
>> In this web page is documented that "noacl" for ext4 is deprecated.
>>
>> https://patchwork.ozlabs.org/project/linux-ext4/patch/1658977369-2478-1-git-send-email-xuyang2018.jy@fujitsu.com/
>>
>> Do you have some background information at hand why noacl is deprecated,
>> and how to get the functionality of noacl after this change?
>
> Yes, these options were deprecated for a long time (10 years) and now they are removed since nobody complained. The reasoning is in commit f70486055ee ("ext4: try to deprecate noacl and noxattr_user mount options"):
>
> No other file system allows ACL's and extended attributes to be enabled or disabled via a mount option. So let's try to deprecate these options from ext4.
Understood.
> And it makes sense to me. It looks a bit strange and dangerous to disable (part of) permission checks for the files. What usecase did you have for it?
I'm using Debian Linux 11.
When copy Files from my Mac via Samba to ext4 volumes, ACLs get added. (Much) earlier, this wasn't the case, and just UNIX permissions were in effect. For me, UNIX permissions are totally sufficient, and I can easily see what's going on with ls -l. For ACLs, I need to individually fiddle with get/setfacl.
This feels cumbersome to me and gives me a sense not having immediate control over access rights. Thus I'd like to find a way to get the previous behavior back. Ideally without recompiling samba to remove ACL support, as outlined here: https://serverfault.com/questions/828977/how-can-i-stop-samba-from-writing-extended-acls
For a very long time I had noacl in my fstab but with the update to Debian 11, I saw the message about the deprecation. Not sure when I observed ACLs being actually written by Samba, though.
In addition, even newer Google hits almost entirely state "noacl in fstab to suppress ACLs for ext4", so I'm probably not the only one trying to disable them and people largely failed to understand that noacl has no effect anymore.
Thanks!
:wq! PoC
Powered by blists - more mailing lists