This is what i mean: something like ACLs is a specialized thign that some
people want, but some dont, and somethign that i think strays pretty far from
what the kernel ought to be doing. If someone wants ACLs, they should do 
it in their own modifications to a filesystem . Take ffs, take something 
else, hack in ACLs, and use it as a separate thing. don't stick it in the 
kernel's filesystem code that affects all filesystems. I mentioned AFS 
because it is a filesystem scheme that supports ACLs quite consistently 
across many platforms and OSs, many of which have no concept of ACLs in their
kernels. A freind of mine just finished a port of AFS to linux/Alpha, and i
plan to get his sources and start hacking it into NetBSD/Alpha. However, 
this will just be the AFS support, not something in the virtual 
filesystem layer. Yes, much of it is kernel code nonetheless, but it is
really a marginal piece of it: few kernels will have it in them aside from
those which need it and it was deliberately put in. Besides, i _also_ 
mentioned AFS because a lot of its operations are handled by a userland 
daemon, as an example of doing a lot of this stuff in userland as opposed 
to in the kernel. I have a particular liking for FFS as it is: it is all
around the best filesystem i have ever seen. Sure, a few others are better
at some specialized stuff (VMS's ODS2 comes to mind with its wonderful
journalling capabilities and its clustering support, for example) , but i'm
talking UNIX here and in the UNIx world nothing beats ffs, and even in 
most other worlds, nothign beats FFS. i do _not_ want to see ACLs in 
either FFS or in NetBSD itself. Have your own filesystem's implementation
of things like open() and whatnot check uid's, check ACLs, and make 
choices. Keep it out of the mainstream kernel. Keep itin userland if you 
can.  A filesystem is a database. userland databases exist all over the 
place. Some people want features, features, features, and dont midn the 
incredible cruft this brings on. This attitude is one of the things that 
has destroyed Linux: try to appeal to absolutely everyone, even if it 
ruins the system. 

Not everyone will agree with me, but in my opinion, this is BSD, not the
kitchen sink. Some things just don't belong in it. Do ACL support in some
particular filesystem instead. 

As for making it an option in the main filesystem code for the kernel itself,
stuff like this has, if you look historically, this nasty habit of becoming
mandatory over time. 

Isildur

On Thu, 8 Mar 2001, Todd Vierling wrote:
> And that's why we have compile-time kernel options.  If ACLs existed, I have
> one machine that would be able to make substantial use of it, but it'd be
> compiled out of all the others.  If you don't want it, configure it out, and
> be happy.
> 
> NetBSD will continue to add features in both the kernel and userland, and
> the developers do attempt to keep any kind of major kernel addition like
> this guarded behind a config option.