The Linux Programming Interface > Access Control Lists > ACL Implementation Limits - Pg. : Safari Books Online

Table of Contents

Download Safari Books Online apps: Apple iOS | Android

Entire Site

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

This Book

The Linux Programming Interface

The Linux Programming Interface

Search

Contents

Praise for The Linux Programming Interface

Ch. 1. History and Standards

Ch. 2. Fundamental Concepts

Ch. 3. System Programming Concepts

Ch. 4. File I/O: The Universal I/O Model

Ch. 5. File I/O: Further Details

Ch. 6. Processes

Ch. 7. Memory Allocation

Ch. 8. Users and Groups

Ch. 9. Process Credentials

Ch. 11. System Limits and Options

Ch. 12. System and Process Information

Ch. 13. File I/O Buffering

Ch. 14. File Systems

Ch. 15. File Attributes

Ch. 16. Extended Attributes

Ch. 17. Access Control Lists

ACL Permission-Checking Algorithm

Long and Short Text Forms for ACLs

The ACL_MASK Entry and the ACL Group Class

The getfacl and setfacl Commands

Default ACLs and File Creation

ACL Implementation Limits

Ch. 18. Directories and Links

Ch. 19. Monitoring File Events

Ch. 20. Signals: Fundamental Concepts

Ch. 21. Signals: Signal Handlers

Ch. 22. Signals: Advanced Features

Ch. 23. Timers and Sleeping

Ch. 24. Process Creation

Ch. 25. Process Termination

Ch. 26. Monitoring Child Processes

Ch. 27. Program Execution

Ch. 28. Process Creation and Program Execution in More Detail

Ch. 29. Threads: Introduction

Ch. 30. Threads: Thread Synchronization

Ch. 31. Threads: Thread Safety and Per-Thread Storage

Ch. 32. Threads: Thread Cancellation

Ch. 33. Threads: Further Details

Ch. 34. Process Groups, Sessions, and Job Control

Ch. 35. Process Priorities and Scheduling

Ch. 36. Process Resources

Ch. 37. Daemons

Ch. 38. Writing Secure Privileged Programs

Ch. 39. Capabilities

Ch. 40. Login Accounting

Ch. 41. Fundamentals of Shared Libraries

Ch. 42. Advanced Features of Shared Libraries

Ch. 43. Interprocess Communication Overview

Ch. 44. Pipes and FIFOs

Ch. 45. Introduction to System V IPC

Ch. 46. System V Message Queues

Ch. 47. System V Semaphores

Ch. 48. System V Shared Memory

Ch. 49. Memory Mappings

Ch. 50. Virtual Memory Operations

Ch. 51. Introduction to POSIX IPC

Ch. 52. POSIX Message Queues

Ch. 53. POSIX Semaphores

Ch. 54. POSIX Shared Memory

Ch. 55. File Locking

Ch. 56. Sockets: Introduction

Ch. 57. Sockets: UNIX Domain

Ch. 58. Sockets: Fundamentals of TCP/IP Networks

Ch. 59. Sockets: Internet Domains

Ch. 60. Sockets: Server Design

Ch. 61. Sockets: Advanced Topics

Ch. 62. Terminals

Ch. 63. Alternative I/O Models

Ch. 64. Pseudoterminals

Appx. A. Tracing System Calls

Appx. B. Parsing Command-Line Options

Appx. C. Casting the NULL Pointer

Appx. D. Kernel Configuration

Appx. E. Further Sources of Information

Appx. F. Solutions to Selected Exercises

Appx. G. Updates

URL

Help

17.7. ACL Implementation Limits

The various file-system implementations impose limits on the number of entries in an ACL:

On ext2, ext3, and ext4, the total number of ACLs on a file is governed by the requirement that the bytes in all of the names and values of a file’s extended attributes must be contained in a single logical disk block (Section 16.2). Each ACL entry requires 8 bytes, so that the maximum number of ACL entries for a file is somewhat less (because of some overhead for the name of the extended attribute for the ACL) than one-eighth of the block size. Thus, a 4096-byte block size allows for a maximum of around 500 ACL entries. (Kernels before 2.6.11 imposed an arbitrary limitation of 32 entries for ACLs on ext2 and ext3.)
On XFS, an ACL is limited to 25 entries.
On Reiserfs and JFS, ACLs can contain up to 8191 entries. This limit is a consequence of the size limitation (64 kB) imposed by the VFS on the value of an extended attribute (Section 16.2).

You are currently reading a PREVIEW of this book.

Get instant access to over
$1 million worth of books and videos.

Start a Free Trial