From 4fdf83f4dd2b0c3a0688d23de23ad953abf473ac Mon Sep 17 00:00:00 2001 From: Nikolaus Rath Date: Tue, 22 Nov 2016 16:37:13 -0800 Subject: Document that FUSE_CAP_POSIX_ACL turns on -o default_permissions --- doc/mount.fuse.8 | 9 ++++++--- include/fuse_common.h | 6 +++++- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/doc/mount.fuse.8 b/doc/mount.fuse.8 index baec995..81c498e 100644 --- a/doc/mount.fuse.8 +++ b/doc/mount.fuse.8 @@ -55,9 +55,12 @@ filesystem. The check by the kernel is done in addition to any permission checks by the filesystem, and both have to succeed for an operation to be allowed. The kernel performs a standard UNIX permission check (based on mode bits and ownership of the directory entry, and -uid/gid of the client). If the filesystem supports extended -attributes and the kernel is sufficiently recent, it may also take -into account access control lists (ACLs). +uid/gid of the client). + +This mount option is activated implicitly if the filesystem enables +ACL support during the initial feature negotiation when opening the +device fd. In this case, the kernel performs both ACL and standard +unix permission checking. Filesystems that do not implement any permission checking should generally add this option internally. diff --git a/include/fuse_common.h b/include/fuse_common.h index 04b378f..3da27c1 100644 --- a/include/fuse_common.h +++ b/include/fuse_common.h @@ -253,7 +253,7 @@ struct fuse_file_info { #define FUSE_CAP_PARALLEL_DIROPS (1 << 18) /** - * Indicates support for POSIX ACL. + * Indicates support for POSIX ACLs. * * If this feature is enabled, the kernel will cache and have * responsibility for enforcing ACLs. ACL will be stored as xattrs and @@ -263,6 +263,10 @@ struct fuse_file_info { * created. Note that this requires that the file system is able to * parse and interpret the xattr representation of ACLs. * + * Enabling this feature implicitly turns on the + * ``default_permissions`` mount option (even if it was not passed to + * mount(2)). + * * This feature is disabled by default. */ #define FUSE_CAP_POSIX_ACL (1 << 19) -- cgit v1.2.3