
[Acl-devel] Fixing common utilities in the presence of default ACLs


From: Michael Orlitzky
Subject: [Acl-devel] Fixing common utilities in the presence of default ACLs
Date: Fri, 03 Jan 2014 18:23:05 -0500
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0

Hello, I brought this up about a year and a half ago when I first
encountered the problem. The solution that I came up with has been in
production for a long time and is stable and "doing the right thing" as
far as I'm concerned, so I'd like to revisit the issue.

Here's a better reference[1], but I can describe the issue in a sentence
or two. Many common utilities -- tar, for example -- claim to support
ACLs but attempt to preserve group permission bits when creating files.
If there is a default ACL on the parent directory, then that ACL will be
inherited by the new file, and now the group permission bits don't
represent group permissions any more. So when tar twiddles the group
bits, it instead sets an upper bound on the ACL rights and that clobbers
the ACL that you'd like to have set by default.

This has been brought up on e.g. the coreutils bug tracker, but a fix
never materialized because the right thing to do is not obvious and an
algorithm that does get it right will be complicated. I've written
that algorithm:

  http://michael.orlitzky.com/code/apply-default-acl.php

  git clone http://michael.orlitzky.com/git/apply-default-acl.git

The code is clean, documented, and as I mentioned -- now well tested.
There is also a full test suite available to check its correctness,
assuming you agree with the expected outcomes!

The meat of the implementation is the apply_default_acl() function, and
this is what I would like to see made available to the utility writers.
If there were a magic function in libacl that the authors of tar, 7z,
cp, etc. could call to "just fix it," then I believe I could finally get
this issue resolved.

If NFSv4 ACLs ever reach maturity, this functionality will also be
critical to their adoption.

So, is there a place for apply_default_acl() in libacl?


[1]
http://michael.orlitzky.com/articles/problems_with_posix_acls_and_common_utilities.php
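
The mechanism described in the message above, as an added example that is not part of the original message or of the apply-default-acl code: a simplified C model (no libacl calls) of how a new file inherits a default ACL and how a later chmod() overwrites the mask instead of the owning group's rights. The struct, the function names, the `devs` group and the sample ACL are constructed for illustration, and the model assumes the default ACL contains a mask entry.

```c
#include <stdio.h>

/* Simplified model of a POSIX access ACL (not libacl). Bits: r=4, w=2, x=1. */
struct acl {
    unsigned user_obj;   /* user::       owner                          */
    unsigned named_grp;  /* group:devs:  hypothetical named group entry */
    unsigned group_obj;  /* group::      owning group                   */
    unsigned mask;       /* mask::       upper bound on group entries   */
    unsigned other;      /* other::                                     */
};

/* A file created with `mode` under a directory whose default ACL is `d`
 * inherits `d`; the mode's owner/group/other bits are ANDed into user::,
 * mask:: and other:: (the umask is not consulted when a default ACL exists). */
struct acl inherit(struct acl d, unsigned mode) {
    struct acl a = d;
    a.user_obj &= (mode >> 6) & 7;
    a.mask     &= (mode >> 3) & 7;
    a.other    &= mode & 7;
    return a;
}

/* chmod() on a file whose ACL has a mask: group bits replace mask::, not group::. */
struct acl chmod_acl(struct acl a, unsigned mode) {
    a.user_obj = (mode >> 6) & 7;
    a.mask     = (mode >> 3) & 7;
    a.other    = mode & 7;
    return a;
}

/* Rights a group entry actually grants: its permissions limited by the mask. */
unsigned effective(unsigned perms, struct acl a) { return perms & a.mask; }

/* Check: does the file give the named group less than the default ACL asked for? */
int clobbered(struct acl dflt, struct acl file) {
    return effective(file.named_grp, file) != effective(dflt.named_grp, dflt);
}

/* Constructed sample default ACL:
 * user::rwx, group:devs:rw-, group::r-x, mask::rwx, other::--- */
static const struct acl DEFAULT_ACL = { 7, 6, 5, 7, 0 };

int main(void) {
    struct acl f = inherit(DEFAULT_ACL, 0666);    /* ordinary creation */
    printf("created 0666: devs=%o clobbered=%d\n",
           effective(f.named_grp, f), clobbered(DEFAULT_ACL, f));
    f = chmod_acl(f, 0644);                       /* archived mode restored */
    printf("chmod 0644:   devs=%o clobbered=%d\n",
           effective(f.named_grp, f), clobbered(DEFAULT_ACL, f));
    return 0;
}
```

In this model the `devs` entry still reads `rw-` after the chmod, but its effective rights drop to `r--` because the mask now carries the restored group bits.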


