naccess and AFS
dillon at apollo.backplane.com
Tue Dec 7 14:44:28 PST 2004
:AFS uses acl:s to determine who can do what in a directory.
:Unfortunately naccess assusmes it can determine this from
:the unix user, group and mode information.
:Below is a patch that works for me...
Well, we can't quite do that, it undoes part of the purpose of naccess()
which is to reduce the complexity of VFS's and to be able to cache the
attr results and avoid a VFS call entirely (which will be necessary for
efficiency when the VFS's are threaded).
Not to say that we can't call VOP_ACCESS, only that what needs to be
done is to have those VFSs which require further checks to set a flag
in the returned vattr telling naccess() to do the additional check(s).
Eventually we will be able to add code to cache that information as well.
Would you like to have a go at doing that?
More information about the Kernel