What is the ZFS ACL limit?

Solution 1:

According to ZFS source code, the maximum number is set to 1024. I can confirm 1024 ACLs can be set on a file on ZFS under Solaris. There might be a lower limit either in ZFS or setfacl implementation on FreeBSD

# cat maxacl
#!/bin/ksh

touch file
i=1
while true; do
  for u in $(getent passwd | nawk -F: '{print $1}'); do
    chmod A+user:$u:read_data:allow file || break 2
    printf "%d %s\n" $i $u
    i=$((i+1))
  done
  ls -v file | head
  ls -v file | wc -l
done

# ls -v file | head
-rw-r--r--+  1 root     root           0 déc   6 13:05 file
     0:user:utku3:read_data:allow
     1:user:utku2:read_data:allow
     2:user:utku1:read_data:allow
     3:user:utku0:read_data:allow
     4:user:utwww:read_data:allow
     5:user:jlliagre:read_data:allow
     6:user:nobody4:read_data:allow
     7:user:noaccess:read_data:allow
     8:user:nobody:read_data:allow
# ls -v file | tail
     1017:user:root:read_data:allow
     1018:owner@:execute:deny
     1019:owner@:read_data/write_data/append_data/write_xattr/write_attributes
         /write_acl/write_owner:allow
     1020:group@:write_data/append_data/execute:deny
     1021:group@:read_data:allow
     1022:everyone@:write_data/append_data/write_xattr/execute/write_attributes
         /write_acl/write_owner:deny
     1023:everyone@:read_data/read_xattr/read_attributes/read_acl/synchronize
         :allow

Solution 2:

I'm guessing you're the same person that asked on the FreeBSD forum and it was tested as being 127, at which point the file system gave 'no space left' errors.

Solution 3:

After writing a script myself, I got the limit at 121 on FreeBSD 9 64bit.

setfacl -b /tank/project1

i=0
for u in $(ypcat passwd|awk -F':' '{print $1}'); do
    setfacl -m user:$u:rwxpDdaARWcCos:fd----:allow /tank/project1
    let i=i+1
    echo $i $u
done