How to find effective nfsv4 acl on files and folders

Z

zhzgygkz

Hey,

I'm using NFSv4 acl on a ZFS with several users and groups and a few allow and deny statements. How can I programmatically find the effective permission set on files and folders?

Thanks in advance!
 
What does "programmatically" mean here?

You can start with "man 3 acl", which gives you the C-callable API for manipulating ACLs. For reading ACLs, you want to start with calling acl_get.

If you are in the kernel ... life is significantly harder. There is documentation of the syscall level in "man 9 acl".

On the other hand, if you are in a high-level programming language (shell scripts, perl/python), it is probably easier to use the getfacl command (see "man 1 getfacl"). I know that Python has a specific ACL library (with a non-obvious name, it's not as simple as "import sys.acl"), which can be used to build and decode ACLs. When I was a file system developer I used that for interfacing, but that was ~10 years ago. I just did a quick search, and there are several python libraries, and I don't know which one I used.
 
Thank you for overview. I hoped there was some "read to use" tooling to do the job in userspace. I'm going to look through the man pages and for the python library.
 
You must log in or register to reply here.
Back
Top