GNOME Bugzilla – Bug 62817
Support for POSIX ACLs
Last modified: 2021-06-18 15:16:36 UTC
It would be nice if Nautilus provided some mechanism for viewing and editing ACLs. SGI's port of <a href="http://oss.sgi.com/projects/xfs/">XFS</a> to Linux also includes ACL support. Documentation about ACLs can be found <a href="http://acl.bestbits.at/pre/gildfind-acls.pdf">here</a>.
There has been some discussion of making the properties window be extensible. This would allow us to make appropriate properties panes for things like this without building them all into Nautilus. In any case, this is something to consider either way.
Hi Matt, I also filed a gnome-vfs bug (bug 62835) to add ACL support at that level. Since there are many kinds of ACLs out there, I think adding the ACL concept at the gnome-vfs layer could help with implementing ACL management in Nautilus and other apps.
*** Bug 105391 has been marked as a duplicate of this bug. ***
*** Bug 128889 has been marked as a duplicate of this bug. ***
The extensible properties pages are in, if someone wanted to write this that way it could probably be done.
*** Bug 165791 has been marked as a duplicate of this bug. ***
Any word on the current status of this? Or pointers to the docs on writing extra properties pages?
Just to comment that already exists something that works and uses gtkmm and bonobo and has a nautilus property page, maybe useful to get ui ideas or get code... screenshot --> http://rofi.pinchito.com/eiciel/gfx/shots/principal-0.5.0.png nautilus-property page --> http://rofi.pinchito.com/eiciel/doc/x49.html CVS --> http://rofi.pinchito.com/viewcvs/eiciel/ Main site --> http://rofi.pinchito.com/eiciel/ Its name is Eiciel and the website and documentation are in catalan I think, a translator could be contacted if people get interested on it. I am not related to Eiciel in any kind.
*** Bug 303722 has been marked as a duplicate of this bug. ***
This bug really needs some attention as it actually is a security problem. Users connecting to a samba file server may be able to set ACLs on files of the server using windows GUI. This is a potential security risk, as it means that UNiX only users may be unaware that other people can read files that looks like they were private. This would be a security problem. The security problem will get even worse as the corresponding bug in KDE now have been marked as fixed in the KDE CVS, meaning that KDE 4.0 almost certainly will have support for ACLs. This means that not only windows users, but also fellow Unix/linux users may create, to Gnome user, invisible ways to see files the Gnome user thinks he has private access to.
I have that module installed in my Ubuntu 5.10 (Breezy Badger) laptop. It's nice, and I like it, except that the old permissions tab is still there, and does not stay in sync with the ACL tab changes. They should be merged into one thing that can detect whether ACL support exists in the file system, so the display changes according to that maybe. It ought to respond to changes made to permissions and ACL by outside applications. It should be an integral component of Nautilus, and not an add-in package.
*** Bug 329675 has been marked as a duplicate of this bug. ***
Created attachment 60839 [details] [review] Patch implementing ACL support This patch adds ACL support to Nautilus. It uses the new ACL support of GNOME-VFS (it is in a "acl" branch" in the CVS). It adds: removal and addition of common ACE, default ACE for directories, masks and default masks.
This patch adds "removal and addition of common ACE, default ACE for directories, masks and default masks", but does it adds access to files with ACLs. I mean, if I have a right access (defined by ACL) to a file, shall I have access to the "Delete" action (which is not accessible actually) with this patch. Or does this patch only add an ACL Managment page in the file properties ?
Created attachment 60918 [details] [review] Patch implementing ACL support This new version of the patch takes care of the file ownership. If the file isn't own by the user, the ACL is shown, but it can't be changed (the buttons and the list in insensitive).
Created attachment 63787 [details] [review] ACL tab implementation This is an updated version of the patch.. it fixes a couple of issues found in the previous version.
Is anyone looking into integrating this in 2.16?
Hi, I get the following errors when compiling nautilus 2.14.3 with the latest patch applied: In file included from ../libnautilus-private/nautilus-icon-factory.h:33, from nautilus-bookmark.h:30, from nautilus-bookmark.c:26: ../libnautilus-private/nautilus-file.h:205: error: expected '=', ',', ';', 'asm' or '__attribute__' before '*' token ../libnautilus-private/nautilus-file.h:207: error: expected declaration specifiers or '...' before 'GnomeVFSACL' Nothing else. I build the Debian package using pbuilder in a clean chroot environment. Any hints? Cheers, Julien
Mmmh maybe I haven't read this patch should be used with the acl branch of gnome-vfs... Anyone interested in building Debian packages for this? Cheers, Julien
The patch looks to leave the Permissions tab in tact; unifying this and ACL control would look better, I think. I posted mock-ups on bug #357750 of a revamped Permissions tab that has some support for POSIX ACLs but it's probably incomplete support as I haven't researched into it; I more just want to get rid of the horribly ugly dialog introduced in 2.16, which I still have to think about for a minute to figure out what I'm actually setting.
I think this bug shouldn't be set to the pre-0.1 version...
Patch was obsoleted by the GIO transition. Setting patch status.
Confirmed in nautilus 3.4. Still doesn't support viewing/editing ACLs. Note that there is a graphical utility for this called eiciel: http://packages.debian.org/wheezy/eiciel. Maybe it could provide an useful base
GNOME is going to shut down bugzilla.gnome.org in favor of gitlab.gnome.org. As part of that, we are mass-closing older open tickets in bugzilla.gnome.org which have not seen updates for a longer time (resources are unfortunately quite limited so not every ticket can get handled). If you can still reproduce the situation described in this ticket in a recent and supported software version of Files (nautilus), then please follow https://wiki.gnome.org/GettingInTouch/BugReportingGuidelines and create a new ticket at https://gitlab.gnome.org/GNOME/nautilus/-/issues/ Thank you for your understanding and your help.