A GPFS file system, whether DFS exported or not, will always display an ACL entry in the following format:
A GPFS file system that has not been exported via DFS has the following ACL
entry types.
Table 2. Non-exported GPFS ACL Entry Types
| Type | Key | Applies To |
|---|---|---|
| user |
| The user who owns the object |
| user | username | The user username |
| group |
| Members of the group that owns the project |
| group | groupname | Members of the group groupname |
| other |
| Users who do not match any of the preceding entries |
| mask |
| Maximum permission granted to any entry other than the owning user entry or other entry |
When exporting a GPFS file system via DFS, additional ACL entry types, as well as a modified form of the above ACL entry types, are possible. These ACL entry types are created when using DFS ACL commands on a GPFS file system object. As such, new ACL entry types may be visible by issuing the mmgetacl command.
When exporting a GPFS file system via DFS, ACLs are affected by the default cell. In DCE, a user's local cell, or home cell, is the cell in whose Registry Database the user's principal and account ACLs are defined. Just as each user has a local cell, each ACL has a default cell.
A user or group named in an ACL entry is assumed to be from the default
cell unless the entry explicitly names a different cell. The default
cell is not necessarily the cell in which the ACL exists. The absence
of a default cell specification means the file belongs to the local
cell. Therefore, all ACLs present before DFS export and all ACLs
created by GPFS ACL commands, belong to the local cell. Consequently,
the following ACL entry types may be displayed when DFS exporting a GPFS file
system.
Table 3. DFS exported GPFS ACL Entry Types
| Type | Key | Applies To |
|---|---|---|
| user |
| The user in the default cell who owns the object |
| user | userid | The user userid from the default cell |
| foreign_user | userid/cellid | The user userid from the foreign cell cellid |
| group |
| Members of the group in the default cell that own the object |
| group | groupid | Members of the group groupid from the default cell |
| foreign_group | groupid/cellid | Members of the group groupid from the foreign cell cellid |
| other |
| Users from the default cell who do not match any of the preceding entries |
| foreign_other | cellid | Users from the foreign cell cellid who do not match any of the preceding entries |
| any_other |
| Users from any foreign cell who do not match any of the preceding entries |
| mask |
| Maximum permission granted to any entry other than the owning user entry or other entry |
Each ACL entry for a user or group includes a set of permissions that define the operations it grants to the user(s). A non-exported GPFS file system may have ACL entry permissions of the following types:
A DFS style ACL entry may display the following additional permissions.
The insert and delete DFS style permissions are meaningful only to directories. Files without DFS style ACLs may imply these permissions by having write permission to the directory. The DFS style control permission is implied by being the owner of the file.