On 21 May 2017 11:09, Knister, Aaron S. (GSFC-606.2)[COMPUTER SCIENCE CORP]
wrote:
As part of a mass user id number change this past year I wrote some tools to
deal with updating ACLs on our half billion files/directories. In writing the
tool I was trying to be security conscious so I wanted a way to be able to get
and set ACLs on files without worrying about race conditions between a stat and
setxattr/getxattr should a regular file suddenly become a symlink during an acl
set/get operation.
I took a similar approach to what was done with acl_extended_file and
acl_extended_file_nofollow and moved acl_file_{get,set} to __acl_file_{get,set}
and added the ability to pass in the appropriate stat/*xattr functions.
Here's are the changes. I'm hoping they could get merged in case they're useful
to others:
https://github.com/aaronknister/acl/compare/nofollow
I'm happy to e-mail a patch via git if need be but I've not done it in a while
so it may take me a little while.
we don't use github, so if you want patches to be reviewed/merged,
you'll need to send them here. `git send-email` makes that easy.
-mike