summaryrefslogtreecommitdiffstats
path: root/docs
diff options
context:
space:
mode:
authorVivek Goyal2021-06-22 17:08:52 +0200
committerDr. David Alan Gilbert2021-07-05 11:51:26 +0200
commit65a820d292622fd2c3e1e5cd49455adc7f90faf0 (patch)
treeddc113a62d2a625e593a537507d7993991e6106d /docs
parentvirtiofsd: Switch creds, drop FSETID for system.posix_acl_access xattr (diff)
downloadqemu-65a820d292622fd2c3e1e5cd49455adc7f90faf0.tar.gz
qemu-65a820d292622fd2c3e1e5cd49455adc7f90faf0.tar.xz
qemu-65a820d292622fd2c3e1e5cd49455adc7f90faf0.zip
virtiofsd: Add an option to enable/disable posix acls
fuse has an option FUSE_POSIX_ACL which needs to be opted in by fuse server to enable posix acls. As of now we are not opting in for this, so posix acls are disabled on virtiofs by default. Add virtiofsd option "-o posix_acl/no_posix_acl" to let users enable/disable posix acl support. By default it is disabled as of now due to performance concerns with cache=none. Currently even if file server has not opted in for FUSE_POSIX_ACL, user can still query acl and set acl, and system.posix_acl_access and system.posix_acl_default xattrs show up listxattr response. Miklos said this is confusing. So he said lets block and filter system.posix_acl_access and system.posix_acl_default xattrs in getxattr/setxattr/listxattr if user has explicitly disabled posix acls using -o no_posix_acl. As of now continuing to keeping the existing behavior if user did not specify any option to disable acl support due to concerns about backward compatibility. Signed-off-by: Vivek Goyal <vgoyal@redhat.com> Message-Id: <20210622150852.1507204-8-vgoyal@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Diffstat (limited to 'docs')
-rw-r--r--docs/tools/virtiofsd.rst3
1 files changed, 3 insertions, 0 deletions
diff --git a/docs/tools/virtiofsd.rst b/docs/tools/virtiofsd.rst
index a6c3502710..c4ac7fdf38 100644
--- a/docs/tools/virtiofsd.rst
+++ b/docs/tools/virtiofsd.rst
@@ -101,6 +101,9 @@ Options
Enable/disable extended attributes (xattr) on files and directories. The
default is ``no_xattr``.
+ * posix_acl|no_posix_acl -
+ Enable/disable posix acl support. Posix ACLs are disabled by default`.
+
.. option:: --socket-path=PATH
Listen on vhost-user UNIX domain socket at PATH.