From f04a989f2dbe7ffdf8dc178715cc5fe4c658f813 Mon Sep 17 00:00:00 2001
From: trasz <trasz@FreeBSD.org>
Date: Mon, 21 Dec 2009 19:39:10 +0000
Subject: Implement NFSv4 ACL support for UFS.

Reviewed by:	rwatson
---
 sbin/tunefs/tunefs.8 |  5 ++++-
 sbin/tunefs/tunefs.c | 60 +++++++++++++++++++++++++++++++++++++++++++---------
 2 files changed, 54 insertions(+), 11 deletions(-)

(limited to 'sbin/tunefs')

diff --git a/sbin/tunefs/tunefs.8 b/sbin/tunefs/tunefs.8
index e2664e3..53e463c 100644
--- a/sbin/tunefs/tunefs.8
+++ b/sbin/tunefs/tunefs.8
@@ -44,6 +44,7 @@
 .Op Fl L Ar volname
 .Op Fl l Cm enable | disable
 .Op Fl m Ar minfree
+.Op Fl N Cm enable | disable
 .Op Fl n Cm enable | disable
 .Op Fl o Cm space | time
 .Op Fl p
@@ -70,7 +71,7 @@ this option will cause all backups to be modified as well as the
 primary super-block.
 This is potentially dangerous - use with caution.
 .It Fl a Cm enable | disable
-Turn on/off the administrative ACL enable flag.
+Turn on/off the administrative POSIX.1e ACL enable flag.
 .It Fl e Ar maxbpg
 Indicate the maximum number of blocks any single file can
 allocate out of a cylinder group before it is forced to begin
@@ -114,6 +115,8 @@ factor of three over the performance obtained at a 10% threshold.
 If the value is raised above the current usage level,
 users will be unable to allocate files until enough files have
 been deleted to get under the higher threshold.
+.It Fl N Cm enable | disable
+Turn on/off the administrative NFSv4 ACL enable flag.
 .It Fl n Cm enable | disable
 Turn on/off soft updates.
 .It Fl o Cm space | time
diff --git a/sbin/tunefs/tunefs.c b/sbin/tunefs/tunefs.c
index 2b263bb..1b5f21a 100644
--- a/sbin/tunefs/tunefs.c
+++ b/sbin/tunefs/tunefs.c
@@ -76,12 +76,12 @@ void printfs(void);
 int
 main(int argc, char *argv[])
 {
-	char *avalue, *Jvalue, *Lvalue, *lvalue, *nvalue;
+	char *avalue, *Jvalue, *Lvalue, *lvalue, *Nvalue, *nvalue;
 	const char *special, *on;
 	const char *name;
 	int active;
 	int Aflag, aflag, eflag, evalue, fflag, fvalue, Jflag, Lflag, lflag;
-	int mflag, mvalue, nflag, oflag, ovalue, pflag, sflag, svalue;
+	int mflag, mvalue, Nflag, nflag, oflag, ovalue, pflag, sflag, svalue;
 	int ch, found_arg, i;
 	const char *chg[2];
 	struct ufs_args args;
@@ -90,12 +90,12 @@ main(int argc, char *argv[])
 	if (argc < 3)
 		usage();
 	Aflag = aflag = eflag = fflag = Jflag = Lflag = lflag = mflag = 0;
-	nflag = oflag = pflag = sflag = 0;
-	avalue = Jvalue = Lvalue = lvalue = nvalue = NULL;
+	Nflag = nflag = oflag = pflag = sflag = 0;
+	avalue = Jvalue = Lvalue = lvalue = Nvalue = nvalue = NULL;
 	evalue = fvalue = mvalue = ovalue = svalue = 0;
 	active = 0;
 	found_arg = 0;		/* At least one arg is required. */
-	while ((ch = getopt(argc, argv, "Aa:e:f:J:L:l:m:n:o:ps:")) != -1)
+	while ((ch = getopt(argc, argv, "Aa:e:f:J:L:l:m:N:n:o:ps:")) != -1)
 		switch (ch) {
 
 		case 'A':
@@ -105,7 +105,7 @@ main(int argc, char *argv[])
 
 		case 'a':
 			found_arg = 1;
-			name = "ACLs";
+			name = "POSIX.1e ACLs";
 			avalue = optarg;
 			if (strcmp(avalue, "enable") &&
 			    strcmp(avalue, "disable")) {
@@ -187,6 +187,18 @@ main(int argc, char *argv[])
 			mflag = 1;
 			break;
 
+		case 'N':
+			found_arg = 1;
+			name = "NFSv4 ACLs";
+			Nvalue = optarg;
+			if (strcmp(Nvalue, "enable") &&
+			    strcmp(Nvalue, "disable")) {
+				errx(10, "bad %s (options are %s)",
+				    name, "`enable' or `disable'");
+			}
+			Nflag = 1;
+			break;
+
 		case 'n':
 			found_arg = 1;
 			name = "soft updates";
@@ -255,10 +267,13 @@ main(int argc, char *argv[])
 		strlcpy(sblock.fs_volname, Lvalue, MAXVOLLEN);
 	}
 	if (aflag) {
-		name = "ACLs";
+		name = "POSIX.1e ACLs";
 		if (strcmp(avalue, "enable") == 0) {
 			if (sblock.fs_flags & FS_ACLS) {
 				warnx("%s remains unchanged as enabled", name);
+			} else if (sblock.fs_flags & FS_NFS4ACLS) {
+				warnx("%s and NFSv4 ACLs are mutually "
+				    "exclusive", name);
 			} else {
 				sblock.fs_flags |= FS_ACLS;
 				warnx("%s set", name);
@@ -349,6 +364,29 @@ main(int argc, char *argv[])
 				warnx(OPTWARN, "space", "<", MINFREE);
 		}
 	}
+	if (Nflag) {
+		name = "NFSv4 ACLs";
+		if (strcmp(Nvalue, "enable") == 0) {
+			if (sblock.fs_flags & FS_NFS4ACLS) {
+				warnx("%s remains unchanged as enabled", name);
+			} else if (sblock.fs_flags & FS_ACLS) {
+				warnx("%s and POSIX.1e ACLs are mutually "
+				    "exclusive", name);
+			} else {
+				sblock.fs_flags |= FS_NFS4ACLS;
+				warnx("%s set", name);
+			}
+		} else if (strcmp(Nvalue, "disable") == 0) {
+			if ((~sblock.fs_flags & FS_NFS4ACLS) ==
+			    FS_NFS4ACLS) {
+				warnx("%s remains unchanged as disabled",
+				    name);
+			} else {
+				sblock.fs_flags &= ~FS_NFS4ACLS;
+				warnx("%s cleared", name);
+			}
+		}
+	}
 	if (nflag) {
  		name = "soft updates";
  		if (strcmp(nvalue, "enable") == 0) {
@@ -423,16 +461,18 @@ usage(void)
 	fprintf(stderr, "%s\n%s\n%s\n%s\n",
 "usage: tunefs [-A] [-a enable | disable] [-e maxbpg] [-f avgfilesize]",
 "              [-J enable | disable ] [-L volname] [-l enable | disable]",
-"              [-m minfree] [-n enable | disable] [-o space | time] [-p]",
-"              [-s avgfpdir] special | filesystem");
+"              [-m minfree] [-N enable | disable] [-n enable | disable]",
+"              [-o space | time] [-p] [-s avgfpdir] special | filesystem");
 	exit(2);
 }
 
 void
 printfs(void)
 {
-	warnx("ACLs: (-a)                                         %s",
+	warnx("POSIX.1e ACLs: (-a)                                %s",
 		(sblock.fs_flags & FS_ACLS)? "enabled" : "disabled");
+	warnx("NFSv4 ACLs: (-N)                                   %s",
+		(sblock.fs_flags & FS_NFS4ACLS)? "enabled" : "disabled");
 	warnx("MAC multilabel: (-l)                               %s",
 		(sblock.fs_flags & FS_MULTILABEL)? "enabled" : "disabled");
 	warnx("soft updates: (-n)                                 %s", 
-- 
cgit v1.1