POSIX->NFSv4 Mapping Problems
- Mapped ACLs are two complex for users to read.
- Mapped ACLs are *much* too complex for users to write.
- Server error reporting is limited: any mistake results in
EINVAL.
The only practical way to edit POSIX-mapped ACLs is with a
POSIX-aware ACL editor.
So much for a common ACL model.
Also:
- Windows ACL editor doesn't like intermingled ALLOWs and DENYs.
(And who can blame it?)
- The mapping is fragile.
What can we do?