diff options
author | Vivek Goyal | 2021-06-22 17:08:52 +0200 |
---|---|---|
committer | Dr. David Alan Gilbert | 2021-07-05 11:51:26 +0200 |
commit | 65a820d292622fd2c3e1e5cd49455adc7f90faf0 (patch) | |
tree | ddc113a62d2a625e593a537507d7993991e6106d /docs | |
parent | virtiofsd: Switch creds, drop FSETID for system.posix_acl_access xattr (diff) | |
download | qemu-65a820d292622fd2c3e1e5cd49455adc7f90faf0.tar.gz qemu-65a820d292622fd2c3e1e5cd49455adc7f90faf0.tar.xz qemu-65a820d292622fd2c3e1e5cd49455adc7f90faf0.zip |
virtiofsd: Add an option to enable/disable posix acls
fuse has an option FUSE_POSIX_ACL which needs to be opted in by fuse
server to enable posix acls. As of now we are not opting in for this,
so posix acls are disabled on virtiofs by default.
Add virtiofsd option "-o posix_acl/no_posix_acl" to let users enable/disable
posix acl support. By default it is disabled as of now due to performance
concerns with cache=none.
Currently even if file server has not opted in for FUSE_POSIX_ACL, user can
still query acl and set acl, and system.posix_acl_access and
system.posix_acl_default xattrs show up listxattr response.
Miklos said this is confusing. So he said lets block and filter
system.posix_acl_access and system.posix_acl_default xattrs in
getxattr/setxattr/listxattr if user has explicitly disabled
posix acls using -o no_posix_acl.
As of now continuing to keeping the existing behavior if user did not
specify any option to disable acl support due to concerns about backward
compatibility.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Message-Id: <20210622150852.1507204-8-vgoyal@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Diffstat (limited to 'docs')
-rw-r--r-- | docs/tools/virtiofsd.rst | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/docs/tools/virtiofsd.rst b/docs/tools/virtiofsd.rst index a6c3502710..c4ac7fdf38 100644 --- a/docs/tools/virtiofsd.rst +++ b/docs/tools/virtiofsd.rst @@ -101,6 +101,9 @@ Options Enable/disable extended attributes (xattr) on files and directories. The default is ``no_xattr``. + * posix_acl|no_posix_acl - + Enable/disable posix acl support. Posix ACLs are disabled by default`. + .. option:: --socket-path=PATH Listen on vhost-user UNIX domain socket at PATH. |