3254 add support in zfs for aclmode=restricted

Reviewed by: Albert Lee <>
Reviewed by: Gordon Ross <>
Approved by: Richard Lowe <>
1 parent 7540df3 commit 71dbfc287ce623fa58f67b024d14ef6924fa1b2a @pbhenson pbhenson committed with richlowe Oct 26, 2012
  1. +3 −1 usr/src/common/zfs/zfs_prop.c
  2. +13 −5 usr/src/man/man1m/zfs.1m
  3. +6 −0 usr/src/uts/common/fs/zfs/zfs_vnops.c
@@ -109,6 +109,7 @@ zfs_prop_init(void)
{ "discard", ZFS_ACL_DISCARD },
{ "groupmask", ZFS_ACL_GROUPMASK },
{ "passthrough", ZFS_ACL_PASSTHROUGH },
+ { "restricted", ZFS_ACL_RESTRICTED },
{ NULL }
@@ -217,7 +218,8 @@ zfs_prop_init(void)
"hidden | visible", "SNAPDIR", snapdir_table);
zprop_register_index(ZFS_PROP_ACLMODE, "aclmode", ZFS_ACL_DISCARD,
- "discard | groupmask | passthrough", "ACLMODE", acl_mode_table);
+ "discard | groupmask | passthrough | restricted", "ACLMODE",
+ acl_mode_table);
zprop_register_index(ZFS_PROP_ACLINHERIT, "aclinherit",
"discard | noallow | restricted | passthrough | passthrough-x",
@@ -830,7 +830,7 @@ mode from the application.
.ne 2
-\fB\fBaclmode\fR=\fBdiscard\fR | \fBgroupmask\fR | \fBpassthrough\fR\fR
+\fB\fBaclmode\fR=\fBdiscard\fR | \fBgroupmask\fR | \fBpassthrough\fR\fR | \fBrestricted\fR\fR
.sp .6
.RS 4n
@@ -839,10 +839,18 @@ an \fBaclmode\fR property of \fBdiscard\fR (the default) deletes all \fBACL\fR
entries that do not represent the mode of the file. An \fBaclmode\fR property
of \fBgroupmask\fR reduces permissions granted in all \fBALLOW\fR entries found
in the \fBACL\fR such that they are no greater than the group permissions
-specified by \fBchmod\fR. A file system with an \fBaclmode\fR property of
+specified by \fBchmod\fR(2). A file system with an \fBaclmode\fR property of
\fBpassthrough\fR indicates that no changes are made to the \fBACL\fR other
-than creating or updating the necessary \fBACL\fR entries to
-represent the new mode of the file or directory.
+than creating or updating the necessary \fBACL\fR entries to represent the new
+mode of the file or directory. An \fBaclmode\fR property of \fBrestricted\fR
+will cause the \fBchmod\fR(2) operation to return an error when used on any
+file or directory which has a non-trivial \fBACL\fR whose entries can not be
+represented by a mode. \fBchmod\fR(2) is required to change the set user ID,
+set group ID, or sticky bits on a file or directory, as they do not have
+equivalent \fBACL\fR entries. In order to use \fBchmod\fR(2) on a file or
+directory with a non-trivial \fBACL\fR when \fBaclmode\fR is set to
+\fBrestricted\fR, you must first remove all \fBACL\fR entries which do not
+represent the current mode.
@@ -3939,7 +3947,7 @@ Interface Stability Committed
\fBssh\fR(1), \fBiscsitadm\fR(1M), \fBmount\fR(1M), \fBshare\fR(1M),
\fBsharemgr\fR(1M), \fBunshare\fR(1M), \fBzonecfg\fR(1M), \fBzpool\fR(1M),
\fBchmod\fR(2), \fBstat\fR(2), \fBwrite\fR(2), \fBfsync\fR(3C),
-\fBdfstab\fR(4), \fBattributes\fR(5)
+\fBdfstab\fR(4), \fBacl\fR(5), \fBattributes\fR(5)
See the \fBgzip\fR(1) man page, which is not part of the SunOS man page
@@ -2982,6 +2982,12 @@ zfs_setattr(vnode_t *vp, vattr_t *vap, int flags, cred_t *cr,
uint64_t acl_obj;
new_mode = (pmode & S_IFMT) | (vap->va_mode & ~S_IFMT);
+ if (zp->z_zfsvfs->z_acl_mode == ZFS_ACL_RESTRICTED &&
+ !(zp->z_pflags & ZFS_ACL_TRIVIAL)) {
+ err = EPERM;
+ goto out;
+ }
if (err = zfs_acl_chmod_setattr(zp, &aclp, new_mode))
goto out;
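Review bot: The new `aclmode=restricted` guard in zfs_setattr has no comment, and the `EPERM` it returns looks the same to a caller as an ordinary ownership failure from chmod(2), so the reason for the refusal is not visible at this site. I would add a comment above the `if`, for example `/* aclmode=restricted: refuse chmod on a non-trivial ACL instead of rewriting or discarding its entries */`. The test relies on the cached `ZFS_ACL_TRIVIAL` bit in `zp->z_pflags`, so the restriction holds only if every path that sets an ACL keeps that flag current; that dependency belongs in the same comment. Whether the flag is read under the appropriate lock cannot be confirmed from the visible lines, because the body of zfs_setattr starts and ends outside the hunk.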

