Friday, June 22, 2012

NFSv4 ACL permissions sets

With respect to NFSv4 ACL permissions,
Solaris offers the following predefined permissions sets:

                                   attr xattr acl own 
                                   ---- ----- --- --- 
         full_set = rwx   p   dD   aA   RW    cC  o   s
       modify_set = rwx   p   dD   aA   RW    c_  _   s
         read_set = r__   _   __   a_   R_    c_  _   s
        write_set = _w_   p   __   _A   _W    __  _   s  
Thus:
       modify_set = read_set | write_set | (x dD)
or yet:
       modify_set = full_set & ~(C o)
   
Note the following resemblance between the trivial-ACL (UNIX standard rwx flags) and the NFSv4 predefined permissions sets (owner implies C o):

      UNIX                NFSv4
      ----      -------------------------
      r    --->  read_set   =  r      ...
       w   ---> write_set   =   w  p  ...
        x  --->                  x  
      r-x  --->  read_set   |    x     
      rwx  --->  modify_set

Again, these are the predefined permissions sets according to Solaris.
It may be useful to contrast to Windows (SMB/CIFS) permission sets