> * If an ALLOW entry has any mask bits set that don't correspond to the UNIX
>   rwx permissions, we don't have a trivial ACL.

Do we really have to do this? I mean from RFC8881:

"The server that supports both mode and ACL must take care to synchronize the MODE4_*USR, MODE4_*GRP, and MODE4_*OTH bits with the ACEs that have respective who fields of "OWNER@", "GROUP@", and "EVERYONE@". This way, the client can see if semantically equivalent access permissions exist whether the client asks for the owner, owner_group, and mode attributes or for just the ACL."

... I take it these 3 ACEs should always represent mode bits. Or if you really wish I can shamelessly steal the AIX code there and put smth like this:

    If (aceMask & ~(ACE4_READ_DATA | ACE4_LIST_DIRECTORY | ACE4_WRITE_DATA
                    | ACE4_ADD_FILE | ACE4_EXECUTE)) == 0))
        return 1;

Thanks,
Ondrej
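The rule quoted at the top of this message, worked through as an added example (not code from this thread or from the AIX code it mentions): it reports which ALLOW entry carries mask bits outside the rwx-equivalent set named above, and which bits those are. The `struct ace` layout, the function names and the sample ACLs are hypothetical and constructed for illustration; the `ACE4_*` values are those defined in RFC 8881.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* acetype4 / acemask4 values as defined in RFC 8881. */
#define ACE4_ACCESS_ALLOWED_ACE_TYPE 0x00000000u
#define ACE4_READ_DATA      0x00000001u
#define ACE4_LIST_DIRECTORY 0x00000001u
#define ACE4_WRITE_DATA     0x00000002u
#define ACE4_ADD_FILE       0x00000002u
#define ACE4_APPEND_DATA    0x00000004u
#define ACE4_EXECUTE        0x00000020u
#define ACE4_READ_ACL       0x00020000u
/* The rwx-equivalent bits listed in the message above. */
#define RWX_BITS (ACE4_READ_DATA | ACE4_LIST_DIRECTORY | ACE4_WRITE_DATA \
                  | ACE4_ADD_FILE | ACE4_EXECUTE)
/* Hypothetical in-memory ACE, not the layout of any real system header. */
struct ace { const char *who; uint32_t type; uint32_t mask; };

/* Mask bits of an ALLOW entry that have no rwx equivalent (0 if none). */
uint32_t extra_allow_bits(const struct ace *e)
{
    return e->type == ACE4_ACCESS_ALLOWED_ACE_TYPE ? (e->mask & ~RWX_BITS) : 0;
}

/* Index of the first ALLOW entry carrying such bits, or -1 if none does. */
int first_extra_allow(const struct ace *acl, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (extra_allow_bits(&acl[i]) != 0) return (int) i;
    return -1;
}

/* Constructed sample ACLs (not taken from any real server). */
static const struct ace rwx_only[] = {
    { "OWNER@",    ACE4_ACCESS_ALLOWED_ACE_TYPE, ACE4_READ_DATA | ACE4_WRITE_DATA },
    { "GROUP@",    ACE4_ACCESS_ALLOWED_ACE_TYPE, ACE4_READ_DATA },
    { "EVERYONE@", ACE4_ACCESS_ALLOWED_ACE_TYPE, ACE4_READ_DATA },
};
static const struct ace with_extras[] = {
    { "OWNER@",    ACE4_ACCESS_ALLOWED_ACE_TYPE,
      ACE4_READ_DATA | ACE4_WRITE_DATA | ACE4_APPEND_DATA },
    { "GROUP@",    ACE4_ACCESS_ALLOWED_ACE_TYPE, ACE4_READ_DATA | ACE4_READ_ACL },
    { "EVERYONE@", ACE4_ACCESS_ALLOWED_ACE_TYPE, ACE4_READ_DATA },
};

int main(void)
{
    printf("%d %d\n", first_extra_allow(rwx_only, 3), first_extra_allow(with_extras, 3));
    return 0;
}
```

With this mask an OWNER@ entry that grants ACE4_APPEND_DATA next to ACE4_WRITE_DATA is already reported, because ACE4_APPEND_DATA is not among the listed bits.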