Future: Filesystem ACL and SCM

[Warren Togami]

NOTE: This info is not relevant to the near-term Fedora merge or any 
infrastructure supporting it.  We will continue to use the existing CVS 
+ ACL system.

Toshio was wondering about the possibility of using filesystem ACL's as 
part of a future ideal SCM's ACL enforcement.  It would work something 
like this:
1) PackageDB knows about all packages, owners, granted permissions, 
groups, etc.
2) PackageDB generates xattrs or FS ACL (themselves based on xattrs) 
within the SCM files/directories.
3) SCM has a custom ACL enforcement script that reads those xattrs, 
making it very fast and flexible.  ACL's could be enforced based on a 
list of users, groups, or a combination of users and groups.

I talked with a few filesystem experts within Red Hat.  They said...
- ext3 has a limit of 4KB for xattr data.  If you use the standard 
encoding of 8 bytes per uid, that has a limit of roughly 100 entities 
that could be associated with a file.  Is this too limiting?  I dunno. 
Perhaps it need not be too limiting if more extensive use of 
group-based-ACL's are used.
- XFS could possibly allow a maximum of 64KB xattr's per file, but that 
is very inefficient in filesystem storage.
- xattr's are currently not supported by NFS.

Warren Togami
wtogami at redhat.com