From: Brewer, Edward (BREWERE@OD.NIH.GOV)
Date: Thu Aug 15 2002 - 08:44:39 EDT
Admins,
Here is the answer. Again from Ann Majeske, Thanks Ann!
Hi Lee,
In general, the ACLs will be honored from other systems but you
cannot look at or change them from the nonTru64 UNIX systems.
As long as you're running NFSv3 access is checked on the server.
So, all access checks and ACL inheritance should work from all NFS
clients. For NFSv2 even Tru64 UNIX systems may not always honor
ACLs since according to the NFSv2 protocol sometimes the permission
bits are cached and checked on the client instead of all access
checks happening on the NFS server.
But you will not be able to set or look at the ACLs from any
systems other than Tru64 UNIX. Unfortunately there's no such
thing as an industry standard implementation of ACLs yet and Tru64
UNIX ACLs are stored in extended attributes (property lists) which
are also not an industry standard, so there is no way for the other
systems to see the ACLs. They will basically ignore the proplistd.
If you're using autofs and running the latest patch kit on either
V5.1 or V5.1a there is a patch that you will need before enabling
ACLs on the system or none of your users will be able to access any
autofs indirect or special mounts. The patch isn't in any of the
patch kits yet so you'll have to open a problem report with HP
support to get it.
If you run across behavior other than this, let me know.
Ann
Lee Brewer
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:48:49 EDT