coreutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Some options I would like to see on AIX


From: Michael Felt
Subject: Re: Some options I would like to see on AIX
Date: Fri, 5 Jun 2015 16:44:14 +0200

Well, in terms of compatibility, for people like me who have used the AIX option for years (it goes back to 1996-1997 when ACLs became mainstream in AIX (4.2 at least, if not 4.1.X).

Further, I not comprehend why coreutils shows a + on a directory (with -ld) but not on a file. Makes me wonder what it is actually reporting on.

Guess I need to dig into what (linux) xattrs are. I am assuming something not in AIX - under that label at least.

And what I have not mentioned is the -U option (for file is encrypted -- same position - plus(+) || (minus(-) -- on EFS (encrypted file system) enabled file system). Around since 2007, and only now becoming popular (thank you PCI 3.0 and PCI 3.1).

On Fri, Jun 5, 2015 at 4:24 PM, Eric Blake <address@hidden> wrote:
On 06/05/2015 08:08 AM, Michael Felt wrote:
> Two 'core' commands I use often are df and ls.
>
> An easy option (I would hope) to add is '-g' for gigabytes.
>
> AIX df:
>
> michael@x071:[/usr/bin]/usr/bin/df -g .
> Filesystem    GB blocks      Free %Used    Iused %Iused Mounted on
> /dev/hd2           3.00      0.18   94%    57355    54% /usr
> michael@x071:[/usr/bin]
>
> CoreUtils df (8.21 - so if 8.22 or 8.23 has added it, please ignore this!)
>

We intentionally removed 'df --megabytes' in 8.22 ("megabytes" means
1000*1000, but the option turned on 1024*1024), but still have kept 'df
-m' as an undocumented compatibility hack with BSD.  So extending the
undocumented hack to support -g for compatibility with AIX is indeed a
no-brainer.

> michael@x071:[/usr/bin]/opt/bin/df -g .
> /opt/bin/df: invalid option -- 'g'
> Try '/opt/bin/df --help' for more information.
>
> Also, an important option for AIX is seeing the extended inode bits (this
> may be part of xattr that configure does not understand for AIX (or I do
> not understand as a packager).
>
> AIX: has two documented 'extended bits' where they are is not officially
> documented, but find -perm will find them at position 100000000 and
> 200000000.
>
> Position 100000000 is for the so-called 'trusted-program-bit' and is no
> longer used on current AIX 6.1 and AIX 7.1 unless the system has migrated
> from AIX 5.3 (and TCB was enabled). Starting with AIX 6.1 the default is to
> use RBAC as security configuration definition - and the so-called tsh
> (truste shell) is no longer relevant. Position 200000000 means there is an
> ACL defined AND enabled (if only defined - the bit is clear)
>
> What AIX /usr/bin/ls does with the option -e is add an extra -|+ to the
> listing of the file permissions.

Sounds a bit more complicated, but may indeed be worth supporting.  ls
already knows how to look for 'doors' which are file system objects not
present in Linux but which are present elsewhere, so looking for other
special mode bits present only on AIX is not out of the question.  Is it
something where you are willing to help provide patches?

>
> For example, on AIX 5.3 (where TCB is still potentially used) you could see:
xz>
> root@x064:[/usr/bin]/usr/bin/ls -l /usr/bin/ls
> -r-xr-xr-x   1 bin      bin           28256 Mar 10 13:44 /usr/bin/ls
> root@x064:[/usr/bin]/usr/bin/ls -e /usr/bin/ls
> -r-xr-xr-x-   1 bin      bin           28256 Mar 10 13:44 /usr/bin/ls

Note that GNU ls already uses the 11th character as '.' (xattrs present)
or '+' (ACLs present), adding '-' as (ACLs present but disabled) could
indeed be a possible extension, even without needing to burn '-e' to get
it.  But '-e' is still available, so we could indeed use it.

--
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org



reply via email to

[Prev in Thread] Current Thread [Next in Thread]