Contributor

Copilot AI commented Aug 25, 2025

When mounting an HNS account using accountType set to ADLS, the system preserves permissions for files by default. When creating a file, the kernel implicitly calls a chmod operation which results in a REST call to the SetAccessControl API in datalake.go. Users whose authentication doesn't have permissions to change the mode of a blob experience failures on the backend.

This PR adds a new CLI flag --disable-setaccesscontrol that allows users to disable the SetAccessControl functionality for chmod operations while maintaining all other HNS account functionality.

Changes

  • Added CLI flag: --disable-setaccesscontrol (boolean, defaults to false)
  • Updated configuration structures: Added DisableSetAccessControl to config options and internal config
  • Modified ChangeMod function: Added early return when flag is enabled, skipping SetAccessControl API calls
  • Added comprehensive tests: Unit tests for config parsing and ChangeMod behavior verification

Behavior

  • Default (--disable-setaccesscontrol=false): Normal behavior, SetAccessControl is called during chmod operations
  • Disabled (--disable-setaccesscontrol=true): Chmod operations succeed without calling SetAccessControl API

Usage

# CLI flag
blobfuse2 mount /mnt/storage --config-file=config.yaml --disable-setaccesscontrol

# Configuration file
azstorage:
  disable-setaccesscontrol: true

This maintains full backward compatibility while providing a solution for users with limited Azure permissions to successfully mount and use HNS accounts.

Fixes #1935.


Contributor Author

Copilot AI commented Aug 25, 2025

@vibhansa-msft 👋 This repository doesn't have Copilot instructions. With Copilot instructions, I can understand the repository better, work faster and produce higher quality PRs.

I can generate a .github/copilot-instructions.md file for you automatically. Click here to open a pre-filled issue and assign it to me. I'll write the instructions, and then tag you for review.

Contributor

Copilot AI left a comment


Copilot wasn't able to review any files in this pull request.



Copilot AI changed the title from "[WIP] SetAccessControl on HNS account shall be a configurable choice" to "Add --disable-setaccesscontrol flag to prevent SetAccessControl calls on HNS accounts" Aug 25, 2025
Copilot AI requested a review from vibhansa-msft August 25, 2025 11:42
Copilot finished work on behalf of vibhansa-msft August 25, 2025 11:42
dl.Config.blockSize = cfg.blockSize
dl.Config.maxConcurrency = cfg.maxConcurrency
dl.Config.defaultTier = cfg.defaultTier
dl.Config.ignoreAccessModifiers = cfg.ignoreAccessModifiers
Member


ignoreAccessModifiers is also doing something similar, let's consolidate both the flags with "preserve-permissions" name. By default flag will be set to 'default'. In block_blob.go it shall ignore both chmod and chown operations while in case of datalake chown shall be ignored. If flag is set explicitly to false then datalake shall ignore chmod as well, rest remains same as default. If flag is set explicitly to true then we shall return back ENOSUP from block_blob and chown in datalake.

Member


@vibhansa-msft, there is already a flag preserve-acl that was introduced recently which might help here?

Member


preserve-acl flag is to only preserve ACLs while overwriting a file. Also, ACLs and permissions are different things, so tomorrow we may need a differentiation between these two for when to preserve what.
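
The consolidated "preserve-permissions" behaviour proposed in the review thread above, sketched as an added Go example (not code from this PR or from blobfuse2). All type, constant and function names are hypothetical; the option is modelled as a `*bool` so that "not set" stays distinct from an explicit false, and the comment's "ENOSUP" is assumed to mean `syscall.ENOTSUP`.

```go
package main

import (
	"fmt"
	"syscall"
)

type Mode int   // hypothetical tri-state for the proposed option
type Action int // what the mount does with one chmod/chown request

const (
	ModeDefault Mode = iota // option absent from the config
	ModeFalse               // explicitly set to false
	ModeTrue                // explicitly set to true
)
const (
	Ignore Action = iota // report success, send nothing to the service
	Apply                // forward to the service (SetAccessControl)
	Reject               // fail the call with ENOTSUP
)

// ParseMode: nil means "not set", which a plain bool flag cannot express.
func ParseMode(v *bool) Mode {
	if v == nil {
		return ModeDefault
	}
	if *v {
		return ModeTrue
	}
	return ModeFalse
}

// Decide applies the rules from the review comment to one operation.
func Decide(m Mode, backend, op string) (Action, error) {
	datalakeChmod := backend == "datalake" && op == "chmod"
	switch {
	case m == ModeFalse:
		return Ignore, nil // neither backend sends anything
	case datalakeChmod:
		return Apply, nil // default and true both forward datalake chmod
	case m == ModeTrue:
		return Reject, syscall.ENOTSUP // block_blob ops and datalake chown
	}
	return Ignore, nil // default: succeed silently
}

func main() {
	fmt.Println(Decide(ParseMode(nil), "datalake", "chown")) // option not set
}
```

With a plain boolean flag defaulting to false, the default and explicit-false rows of this table would collapse into one, which is why the sketch keeps the unset state separate.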

@vibhansa-msft vibhansa-msft modified the milestones: v2-2.5.1, v2-2.5.2 Sep 19, 2025

Development

Successfully merging this pull request may close these issues.

SetAccessControl on HNS account shall be a configurable choice
