From 292aad75052ee582737b41ec7fb62ee1d9899a4f Mon Sep 17 00:00:00 2001 From: christos Date: Sat, 18 Sep 2021 03:05:19 +0000 Subject: [PATCH] Change the default for ACLs to be posix1e instead of nfsv4 to match FreeBSD. Requested by chuq. --- UPDATING | 7 +++- include/mntopts.h | 3 +- sbin/mount_ffs/mount_ffs.c | 6 ++-- sbin/tunefs/tunefs.c | 18 +++++----- sys/sys/fstypes.h | 13 ++++---- sys/ufs/ffs/ffs_vfsops.c | 18 +++++----- sys/ufs/ffs/fs.h | 9 ++--- usr.sbin/dumpfs/dumpfs.c | 68 +++++++++++++++++++++----------------- 8 files changed, 78 insertions(+), 64 deletions(-) diff --git a/UPDATING b/UPDATING index 267536757160..c744365b0e83 100644 --- a/UPDATING +++ b/UPDATING @@ -1,4 +1,4 @@ -$NetBSD: UPDATING,v 1.320 2021/08/21 09:59:45 andvar Exp $ +$NetBSD: UPDATING,v 1.321 2021/09/18 03:05:19 christos Exp $ This file (UPDATING) is intended to be a brief reference to recent changes that might cause problems in the build process, and a guide for @@ -19,6 +19,11 @@ See also: BUILDING, build.sh, Makefile. Recent changes: ^^^^^^^^^^^^^^^ +20210917: + Changed MNT_ACLS to default to POSIX1e ACLs instead of NFSv4 + ACLs, to be compatible with FreeBSD. If you are using NFSv4 ACLs + and have "acls" in /etc/fstab you'll need to change it to "nfs4acls". + 20210711: Updated GMP sources may require cleaning in tools/gmp and/or in external/lgpl3/gmp/lib, particularly if GCC itself does not build. diff --git a/include/mntopts.h b/include/mntopts.h index 8a4f544c6d5e..81315a4ccd28 100644 --- a/include/mntopts.h +++ b/include/mntopts.h @@ -1,4 +1,4 @@ -/* $NetBSD: mntopts.h,v 1.19 2020/05/16 18:31:47 christos Exp $ */ +/* $NetBSD: mntopts.h,v 1.20 2021/09/18 03:05:20 christos Exp $ */ /*- * Copyright (c) 1994 @@ -44,6 +44,7 @@ struct mntopt { /* User-visible MNT_ flags. */ #define MOPT_ACLS { "acls", 0, MNT_ACLS, 0 } +#define MOPT_NFS4ACLS { "nfs4acls", 0, MNT_NFS4ACLS, 0 } #define MOPT_POSIX1EACLS { "posix1eacls",0, MNT_POSIX1EACLS, 0 } #define MOPT_ASYNC { "async", 0, MNT_ASYNC, 0 } #define MOPT_NOCOREDUMP { "coredump", 1, MNT_NOCOREDUMP, 0 } diff --git a/sbin/mount_ffs/mount_ffs.c b/sbin/mount_ffs/mount_ffs.c index c10f9ca76a3c..224d90e70679 100644 --- a/sbin/mount_ffs/mount_ffs.c +++ b/sbin/mount_ffs/mount_ffs.c @@ -1,4 +1,4 @@ -/* $NetBSD: mount_ffs.c,v 1.29 2020/05/16 18:31:47 christos Exp $ */ +/* $NetBSD: mount_ffs.c,v 1.30 2021/09/18 03:05:20 christos Exp $ */ /*- * Copyright (c) 1993, 1994 @@ -39,7 +39,7 @@ __COPYRIGHT("@(#) Copyright (c) 1993, 1994\ #if 0 static char sccsid[] = "@(#)mount_ufs.c 8.4 (Berkeley) 4/26/95"; #else -__RCSID("$NetBSD: mount_ffs.c,v 1.29 2020/05/16 18:31:47 christos Exp $"); +__RCSID("$NetBSD: mount_ffs.c,v 1.30 2021/09/18 03:05:20 christos Exp $"); #endif #endif /* not lint */ @@ -64,7 +64,7 @@ __dead static void ffs_usage(void); static const struct mntopt mopts[] = { MOPT_STDOPTS, - MOPT_ACLS, + MOPT_NFS4ACLS, MOPT_POSIX1EACLS, MOPT_ASYNC, MOPT_SYNC, diff --git a/sbin/tunefs/tunefs.c b/sbin/tunefs/tunefs.c index 1f90d02ddee9..ea46a5537885 100644 --- a/sbin/tunefs/tunefs.c +++ b/sbin/tunefs/tunefs.c @@ -1,4 +1,4 @@ -/* $NetBSD: tunefs.c,v 1.54 2020/11/26 02:06:01 dholland Exp $ */ +/* $NetBSD: tunefs.c,v 1.55 2021/09/18 03:05:20 christos Exp $ */ /* * Copyright (c) 1983, 1993 @@ -39,7 +39,7 @@ __COPYRIGHT("@(#) Copyright (c) 1983, 1993\ #if 0 static char sccsid[] = "@(#)tunefs.c 8.3 (Berkeley) 5/3/95"; #else -__RCSID("$NetBSD: tunefs.c,v 1.54 2020/11/26 02:06:01 dholland Exp $"); +__RCSID("$NetBSD: tunefs.c,v 1.55 2021/09/18 03:05:20 christos Exp $"); #endif #endif /* not lint */ @@ -361,21 +361,21 @@ main(int argc, char *argv[]) if (aflag) { name = "ACLs"; if (strcmp(avalue, "enable") == 0) { - if (sblock.fs_flags & FS_ACLS) { + if (sblock.fs_flags & FS_NFS4ACLS) { warnx("%s remains unchanged as enabled", name); } else if (sblock.fs_flags & FS_POSIX1EACLS) { warnx("%s and POSIX.1e ACLs are mutually " "exclusive", name); } else { - sblock.fs_flags |= FS_ACLS; + sblock.fs_flags |= FS_NFS4ACLS; printf("%s set\n", name); } } else if (strcmp(avalue, "disable") == 0) { - if ((~sblock.fs_flags & FS_ACLS) == FS_ACLS) { + if ((~sblock.fs_flags & FS_NFS4ACLS) == FS_NFS4ACLS) { warnx("%s remains unchanged as disabled", name); } else { - sblock.fs_flags &= ~FS_ACLS; + sblock.fs_flags &= ~FS_NFS4ACLS; printf("%s cleared\n", name); } } @@ -386,7 +386,7 @@ main(int argc, char *argv[]) if (strcmp(pvalue, "enable") == 0) { if (sblock.fs_flags & FS_POSIX1EACLS) { warnx("%s remains unchanged as enabled", name); - } else if (sblock.fs_flags & FS_ACLS) { + } else if (sblock.fs_flags & FS_NFS4ACLS) { warnx("%s and ACLs are mutually " "exclusive", name); } else { @@ -434,8 +434,8 @@ main(int argc, char *argv[]) } printf("\tPOSIX.1e ACLs %s\n", (sblock.fs_flags & FS_POSIX1EACLS) ? "enabled" : "disabled"); - printf("\tACLs %s\n", - (sblock.fs_flags & FS_ACLS) ? "enabled" : "disabled"); + printf("\tNFS4 ACLs %s\n", + (sblock.fs_flags & FS_NFS4ACLS) ? "enabled" : "disabled"); printf("%s: no changes made\n", getprogname()); return 0; } diff --git a/sys/sys/fstypes.h b/sys/sys/fstypes.h index 69ef479d78e0..eb631a72c773 100644 --- a/sys/sys/fstypes.h +++ b/sys/sys/fstypes.h @@ -1,4 +1,4 @@ -/* $NetBSD: fstypes.h,v 1.40 2020/07/05 20:41:50 christos Exp $ */ +/* $NetBSD: fstypes.h,v 1.41 2021/09/18 03:05:20 christos Exp $ */ /* * Copyright (c) 1989, 1991, 1993 @@ -94,7 +94,7 @@ typedef struct fhandle fhandle_t; #define MNT_NOCOREDUMP 0x00008000 /* don't write core dumps to this FS */ #define MNT_RELATIME 0x00020000 /* only update access time if mod/ch */ #define MNT_IGNORE 0x00100000 /* don't show entry in df */ -#define MNT_ACLS 0x00200000 /* uses Access Control Lists */ +#define MNT_NFS4ACLS 0x00200000 /* uses NFS4 Access Control Lists */ #define MNT_DISCARD 0x00800000 /* use DISCARD/TRIM if supported */ #define MNT_EXTATTR 0x01000000 /* enable extended attributes */ #define MNT_LOG 0x02000000 /* Use logging */ @@ -104,11 +104,12 @@ typedef struct fhandle fhandle_t; #define MNT_NODEVMTIME 0x40000000 /* Never update mod times for devs */ #define MNT_SOFTDEP 0x80000000 /* Use soft dependencies */ #define MNT_POSIX1EACLS 0x00000800 /* shared with EXKERB */ +#define MNT_ACLS MNT_POSIX1EACLS /* synonym */ #define __MNT_BASIC_FLAGS \ { MNT_ASYNC, 0, "asynchronous" }, \ { MNT_AUTOMOUNTED, 0, "automounted" }, \ - { MNT_ACLS, 0, "acls" }, \ + { MNT_NFS4ACLS, 0, "nfs4acls" }, \ { MNT_POSIX1EACLS, 0, "posix1eacls" }, \ { MNT_DISCARD, 0, "discard" }, \ { MNT_EXTATTR, 0, "extattr" }, \ @@ -130,7 +131,7 @@ typedef struct fhandle fhandle_t; #define MNT_BASIC_FLAGS (MNT_ASYNC | MNT_AUTOMOUNTED | MNT_DISCARD | \ MNT_EXTATTR | MNT_LOG | MNT_NOATIME | MNT_NOCOREDUMP | MNT_NODEV | \ MNT_NODEVMTIME | MNT_NOEXEC | MNT_NOSUID | MNT_RDONLY | MNT_RELATIME | \ - MNT_SOFTDEP | MNT_SYMPERM | MNT_SYNCHRONOUS | MNT_UNION | MNT_ACLS | \ + MNT_SOFTDEP | MNT_SYMPERM | MNT_SYNCHRONOUS | MNT_UNION | MNT_NFS4ACLS | \ MNT_POSIX1EACLS) /* * exported mount flags. @@ -174,7 +175,7 @@ typedef struct fhandle fhandle_t; MNT_NOSUID | \ MNT_NODEV | \ MNT_UNION | \ - MNT_ACLS | \ + MNT_NFS4ACLS | \ MNT_ASYNC | \ MNT_NOCOREDUMP | \ MNT_IGNORE | \ @@ -251,7 +252,7 @@ typedef struct fhandle fhandle_t; "\31MNT_EXTATTR" \ "\30MNT_DISCARD" \ "\27MNT_GETARGS" \ - "\26MNT_ACL" \ + "\26MNT_NFS4ACLS" \ "\25MNT_IGNORE" \ "\24MNT_FORCE" \ "\23MNT_RELOAD" \ diff --git a/sys/ufs/ffs/ffs_vfsops.c b/sys/ufs/ffs/ffs_vfsops.c index badbfb0cd147..b0d914a40d26 100644 --- a/sys/ufs/ffs/ffs_vfsops.c +++ b/sys/ufs/ffs/ffs_vfsops.c @@ -1,4 +1,4 @@ -/* $NetBSD: ffs_vfsops.c,v 1.372 2020/08/20 20:28:13 christos Exp $ */ +/* $NetBSD: ffs_vfsops.c,v 1.373 2021/09/18 03:05:20 christos Exp $ */ /*- * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc. @@ -61,7 +61,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ffs_vfsops.c,v 1.372 2020/08/20 20:28:13 christos Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ffs_vfsops.c,v 1.373 2021/09/18 03:05:20 christos Exp $"); #if defined(_KERNEL_OPT) #include "opt_ffs.h" @@ -398,14 +398,14 @@ ffs_mountroot(void) static void ffs_acls(struct mount *mp, int fs_flags) { - if ((fs_flags & FS_ACLS) != 0) { + if ((fs_flags & FS_NFS4ACLS) != 0) { #ifdef UFS_ACL if (mp->mnt_flag & MNT_POSIX1EACLS) printf("WARNING: %s: ACLs flag on fs conflicts with " "\"posix1eacls\" mount option; option ignored\n", mp->mnt_stat.f_mntonname); mp->mnt_flag &= ~MNT_POSIX1EACLS; - mp->mnt_flag |= MNT_ACLS; + mp->mnt_flag |= MNT_NFS4ACLS; #else printf("WARNING: %s: ACLs flag on fs but no ACLs support\n", @@ -414,11 +414,11 @@ ffs_acls(struct mount *mp, int fs_flags) } if ((fs_flags & FS_POSIX1EACLS) != 0) { #ifdef UFS_ACL - if (mp->mnt_flag & MNT_ACLS) + if (mp->mnt_flag & MNT_NFS4ACLS) printf("WARNING: %s: NFSv4 ACLs flag on fs conflicts " "with \"acls\" mount option; option ignored\n", mp->mnt_stat.f_mntonname); - mp->mnt_flag &= ~MNT_ACLS; + mp->mnt_flag &= ~MNT_NFS4ACLS; mp->mnt_flag |= MNT_POSIX1EACLS; #else printf("WARNING: %s: POSIX.1e ACLs flag on fs but no " @@ -426,8 +426,8 @@ ffs_acls(struct mount *mp, int fs_flags) #endif } - if ((mp->mnt_flag & (MNT_ACLS | MNT_POSIX1EACLS)) - == (MNT_ACLS | MNT_POSIX1EACLS)) + if ((mp->mnt_flag & (MNT_NFS4ACLS | MNT_POSIX1EACLS)) + == (MNT_NFS4ACLS | MNT_POSIX1EACLS)) { printf("WARNING: %s: posix1eacl conflicts " "with \"acls\" mount option; option ignored\n", @@ -435,7 +435,7 @@ ffs_acls(struct mount *mp, int fs_flags) mp->mnt_flag &= ~MNT_POSIX1EACLS; } - if (mp->mnt_flag & (MNT_ACLS | MNT_POSIX1EACLS)) + if (mp->mnt_flag & (MNT_NFS4ACLS | MNT_POSIX1EACLS)) mp->mnt_iflag &= ~(IMNT_SHRLOOKUP|IMNT_NCLOOKUP); else mp->mnt_iflag |= IMNT_SHRLOOKUP|IMNT_NCLOOKUP; diff --git a/sys/ufs/ffs/fs.h b/sys/ufs/ffs/fs.h index 796b2af09f0b..ca92949e7095 100644 --- a/sys/ufs/ffs/fs.h +++ b/sys/ufs/ffs/fs.h @@ -1,4 +1,4 @@ -/* $NetBSD: fs.h,v 1.68 2020/05/16 18:31:53 christos Exp $ */ +/* $NetBSD: fs.h,v 1.69 2021/09/18 03:05:20 christos Exp $ */ /* * Copyright (c) 1982, 1986, 1993 @@ -422,7 +422,7 @@ struct fs { * FS_POSIX1EACLS indicates that POSIX.1e ACLs are administratively enabled * for the file system, so they should be loaded from extended attributes, * observed for access control purposes, and be administered by object - * owners. FS_ACLS indicates that NFSv4 ACLs are administratively + * owners. FS_NFS4ACLS indicates that NFSv4 ACLs are administratively * enabled. This flag is mutually exclusive with FS_POSIX1EACLS. */ #define FS_UNCLEAN 0x001 /* file system not clean at mount (unused) */ @@ -430,6 +430,7 @@ struct fs { #define FS_NEEDSFSCK 0x004 /* needs sync fsck (FreeBSD compat, unused) */ #define FS_SUJ 0x008 /* file system using journaled softupdates */ #define FS_POSIX1EACLS 0x010 /* file system has POSIX.1e ACLs enabled */ +#define FS_ACLS FS_POSIX1EACLS /* alias */ #define FS_MULTILABEL 0x020 /* file system is MAC multi-label */ #define FS_GJOURNAL 0x40 /* gjournaled file system */ #define FS_FLAGS_UPDATED 0x80 /* flags have been moved to new location */ @@ -438,11 +439,11 @@ struct fs { #define FS_DOQUOTA2 0x200 /* in-filesystem quotas */ /* FS_INDEXDIRS 0x200 kernel supports indexed directories (FBSD)*/ #define FS_TRIM 0x400 /* discard deleted blocks in storage layer */ -#define FS_ACLS 0x800 /* file system has NFSv4 ACLs enabled */ +#define FS_NFS4ACLS 0x800 /* file system has NFSv4 ACLs enabled */ /* File system flags that are ok for NetBSD if set in fs_flags */ #define FS_KNOWN_FLAGS (FS_DOSOFTDEP | FS_DOWAPBL | FS_DOQUOTA2 | \ - FS_POSIX1EACLS | FS_ACLS) + FS_POSIX1EACLS | FS_NFS4ACLS) /* * File system internal flags, also in fs_flags. diff --git a/usr.sbin/dumpfs/dumpfs.c b/usr.sbin/dumpfs/dumpfs.c index 3eef4222362d..881bf8f6a1f4 100644 --- a/usr.sbin/dumpfs/dumpfs.c +++ b/usr.sbin/dumpfs/dumpfs.c @@ -1,4 +1,4 @@ -/* $NetBSD: dumpfs.c,v 1.64 2018/03/06 07:45:38 mlelstv Exp $ */ +/* $NetBSD: dumpfs.c,v 1.65 2021/09/18 03:05:20 christos Exp $ */ /* * Copyright (c) 1983, 1992, 1993 @@ -39,7 +39,7 @@ __COPYRIGHT("@(#) Copyright (c) 1983, 1992, 1993\ #if 0 static char sccsid[] = "@(#)dumpfs.c 8.5 (Berkeley) 4/29/95"; #else -__RCSID("$NetBSD: dumpfs.c,v 1.64 2018/03/06 07:45:38 mlelstv Exp $"); +__RCSID("$NetBSD: dumpfs.c,v 1.65 2021/09/18 03:05:20 christos Exp $"); #endif #endif /* not lint */ @@ -419,8 +419,10 @@ print_superblock(struct fs *fs, uint16_t *opostbl, printf("needs fsck run "); if (fs->fs_flags & FS_SUJ) printf("journaled soft-updates "); - if (fs->fs_flags & FS_ACLS) - printf("acls "); + if (fs->fs_flags & FS_POSIX1EACLS) + printf("posix1e acls "); + if (fs->fs_flags & FS_NFS4ACLS) + printf("nfs4 acls "); if (fs->fs_flags & FS_MULTILABEL) printf("multilabel "); if (fs->fs_flags & FS_GJOURNAL) @@ -434,8 +436,9 @@ print_superblock(struct fs *fs, uint16_t *opostbl, if (fs->fs_flags & FS_TRIM) printf("trim "); fsflags = fs->fs_flags & ~(FS_UNCLEAN | FS_DOSOFTDEP | FS_NEEDSFSCK | - FS_SUJ | FS_ACLS | FS_MULTILABEL | FS_GJOURNAL | - FS_FLAGS_UPDATED | FS_DOWAPBL | FS_DOQUOTA2 | FS_TRIM); + FS_SUJ | FS_POSIX1EACLS | FS_MULTILABEL | FS_GJOURNAL | + FS_NFS4ACLS | FS_FLAGS_UPDATED | FS_DOWAPBL | + FS_DOQUOTA2 | FS_TRIM); #ifdef FS_INDEXDIRS if (fs->fs_flags & FS_INDEXDIRS) printf("indexed directories "); @@ -444,35 +447,38 @@ print_superblock(struct fs *fs, uint16_t *opostbl, if (fsflags != 0) printf("unknown flags (%#x)", fsflags); printf("\nfsmnt\t%s\n", fs->fs_fsmnt); - if (!printold) + if (!printold) { printf("volname\t%s\tswuid\t%ju\n", fs->fs_volname, (uintmax_t)fs->fs_swuid); - if (printold) { - if (fs->fs_old_cpc != 0) - printf("blocks available in each of %d rotational " - "positions\n", fs->fs_old_nrpos); - else - printf("(no rotational position table)\n\n"); - if (ISOPT(opt_verbose)) { - int c, j, k; - for (c = 0; c < fs->fs_old_cpc; c++) { - printf("cylinder number %d:", c); - for (i = 0; i < fs->fs_old_nrpos; i++) { - if (old_fs_postbl(&afs, c, opostbl)[i] == -1) - continue; - printf("\n position %d:\t", i); - for (j = old_fs_postbl(&afs, c, opostbl)[i], k = 1; ; - j += old_fs_rotbl(&afs)[j], k++) { - printf("%5d", j); - if (k % 12 == 0) - printf("\n\t\t"); - if (old_fs_rotbl(&afs)[j] == 0) - break; - } - } - printf("\n"); + return 0; + } + + if (fs->fs_old_cpc != 0) + printf("blocks available in each of %d rotational " + "positions\n", fs->fs_old_nrpos); + else + printf("(no rotational position table)\n\n"); + + if (!ISOPT(opt_verbose)) { + return 0; + } + + for (int c = 0; c < fs->fs_old_cpc; c++) { + printf("cylinder number %d:", c); + for (i = 0; i < fs->fs_old_nrpos; i++) { + if (old_fs_postbl(&afs, c, opostbl)[i] == -1) + continue; + printf("\n position %d:\t", i); + for (int j = old_fs_postbl(&afs, c, opostbl)[i], k = 1; + ; j += old_fs_rotbl(&afs)[j], k++) { + printf("%5d", j); + if (k % 12 == 0) + printf("\n\t\t"); + if (old_fs_rotbl(&afs)[j] == 0) + break; } } + printf("\n"); } return 0;