Unable to set more than 21 ACLs in a XFS filesystem

Solution Verified - Updated -

Environment

  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 7

Issue

Can not set more than 21 ACLs in a XFS filesystem, when trying to add a new one the following error is thrown:

[root@server ~]# setfacl -m u:user:rwx /mnt/acl_test/
setfacl: /mnt/acl_test: Invalid argument

Resolution

Use RHEL7 and create your filesystem with the option -m crc=1. For example:

# mkfs.xfs -m crc=1 /dev/sda2

Root Cause

This is by design.

The RHEL6 and the default RHEL7 XFS superblock is the version number 4. Superblock version 4 supports a maximum of only 25 ACL entries.

Diagnostic Steps

RHEL6 git code:

[rfreire@rf rhel6]$ grep XFS_ACL_MAX_ENTRIES fs/xfs/xfs_acl.h
#define XFS_ACL_MAX_ENTRIES 25
    } acl_entry[XFS_ACL_MAX_ENTRIES];

RHEL7 git code:

[rfreire@rf rhel7]$ grep XFS_ACL_MAX_ENTRIES fs/xfs/xfs_acl.h
[rfreire@rf rhel7]$

Quick reproducer:

# for i in a b c d e f g h i j k l m n o p q r s t u v w x y z ; do echo $i;  useradd $i ; setfacl -m u:"$i":rwx <destination file> ; done

The following error log messages are seen in /var/log/glusterfs/bricks/<brick name>.log:

[2016-03-11 15:27:10.120436] E [MSGID: 113001] [posix-helpers.c:1177:posix_handle_pair] 0-sftp_rep_vol01-posix: /gluster/<destination file>: key:system.posix_acl_accessflags: 0 length:212 [Invalid argument]
[2016-03-11 15:27:10.120623] I [MSGID: 115060] [server-rpc-fops.c:890:_gf_server_log_setxattr_failure] 0-sftp_rep_vol01-server: 1157: SETXATTR /<destination file> (76d60ac5-7a57-482f-a36a-036dd96ef908) ==> system.posix_acl_access

Another reproducer:

# dd if=/dev/zero of=XFS bs=1G count=1
# mkfs.xfs XFS
# losetup /dev/loop0 XFS
# mount -o rw,noatime,nouuid,attr2,delaylog,inode64,noquota /dev/loop0 /mnt
# xfs_info /mnt
# mkdir /mnt/test
# cat /etc/passwd | wc -l
# for i in `cat /etc/passwd | awk -F : '{print $1}' `; do echo $i ; setfacl -m u:"$i":rwx /mnt/test && echo OK || echo FAIL ;  done

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Comments