RFC 8275, "Allowing Inheritable NFSv4 Access Control Entries to Override the Umask", December 2017Source of RFC: nfsv4 (tsv)
Errata ID: 5198
Publication Format(s) : TEXT
Reported By: Neil Brown
Date Reported: 2017-12-05
Section 1 says:
The same solution should work for NFS. However, the NFSv4 protocol does not currently give the client a way to transmit the umask of the process opening a file. And clients have no way of atomically checking for inheritable permissions and applying the umask only when necessary. As a result, the server receives an OPEN with a mode attribute that already has the umask applied.
It should say:
Implementing a comparable solution for NFS is not currently possible. It cannot be implemented in the server as the server does not know the umask, and the protocol does not allow the client to tell it. It cannot be implemented in the client as the client cannot atomically check the inheritable permissions on the containing directory and apply the umask selectively. As a result, the server receives an OPEN with a mode attribute that already has the umask applied.
The intent of the paragraph is obscured by clumsy language. It is explaining how neither the server
nor the client can currently make the required decision, but this is not immediately obvious.