David Bryan wrote:
Alright, like many others who have posted here, I am having problems with the ACL issue working with Windows. Unfortunately, the answers I've seen here and elsewhere don't seem to resolve the problem. It may be that an earlier suggestion (telling zfs to ignore the ACLs during setup back in the day) are clobbering each other...
All I want to achieve is to be able to read/write from Windows (I am using NFS 
to share to my other machines -- these are existing files -- and that all works 
fine) I'm not trying to do anything tricky -- full permissions to all users, 
not per user or anything like that.

The general suggestion is that ACLs need to be set on the root volume. I have a 
zfs pool called Storage, inside is share (a separate zfs file system, so not 
sure that any of the settings to Storage apply down to Storage/share or not). I 
have tried setting the ACLs, as shown in many places. The commands I run are:

# /usr/bin/chmod A=owner@:rwxpdDaARWcCos:fd:allow,group@:rwxpdDaARWcCos:fd:allow,everyone@:rwxpdDaARWcCos:fd:allow /Storage
# /usr/bin/chmod A=owner@:rwxpdDaARWcCos:fd:allow,group@:rwxpdDaARWcCos:fd:allow,everyone@:rwxpdDaARWcCos:fd:allow /Storage/share


If you give everyone all the permissions as in the last entry you
don't really need the owner@ and group@ entries. Not that it would
cause any issues but it's not needed either.

and also tried:

# /usr/bin/chmod A=user:bryan:rwxpdDaARWcCos:fd:allow /Storage
# /usr/bin/chmod A=user:bryan:rwxpdDaARWcCos:fd:allow /Storage/share

New files created anywhere in the directory end up with no permissions:

# ls -alV savedfromPS.psd
----------+ 1 bryan share 59292 Jul 8 10:28 savedfromPS.psd
             user:bryan:rwxpdDaARWcCos:-------:allow
       group:2147483648:rwxpdDaARWcCos:-------:allow


Assuming by directory here you mean "share" this is the correct behavior
with second set of ACLs (the one with only one entry for bryan) when
creating a file over CIFS but it shouldn't happen with the first set.

On a side note, on ZFS looking at the traditional UNIX permission bits
could be misleading. Like you stated here that the file has no
permissions while it can be seen that it has an ACL with two entries
that gives full access to bryan and the specified group.

It also has the archive bit set, meaning if I create the file, edit it, and try 
to save, I can't do it.


Not exactly sure what you mean here.
What version of Nevada are you running?
Is this over CIFS?
What exactly do you mean by "can't do it"?

One possible issue here is that, way back, when setting up the system, I 
followed the advice of many online sites that for a NAS, you disable the ACLs:


These ZFS settings only affect ACL inheritance and chmod locally or over
NFS, they don't affect the inheritance when you create a file/dir over
CIFS.

Afshin

zfs set aclinherit=discard  Storage
zfs set aclinherit=discard  Storage/share
zfs set aclmode=discard Storage
zfs set aclmode=discard Storage/share

I tried changing that back:

zfs set aclinherit=restricted Storage
zfs set aclmode=groupmask Storage
zfs set aclinherit=restricted Storage/share
zfs set aclmode=groupmask Storage/share

and re-ran the same /usr/bin/chmod commands above, but newly created files over 
CIFS still have the same empty permissions. The current zfs properties are:

# zfs get all Storage/share
NAME           PROPERTY              VALUE                  SOURCE
Storage/share  type                  filesystem             -
Storage/share  creation              Mon Jun 15 22:38 2009  -
Storage/share  used                  688G                   -
Storage/share  available             2.00T                  -
Storage/share  referenced            688G                   -
Storage/share  compressratio         1.00x                  -
Storage/share  mounted               yes                    -
Storage/share  quota                 none                   default
Storage/share  reservation           none                   default
Storage/share  recordsize            128K                   default
Storage/share  mountpoint            /Storage/share         default
Storage/share  sharenfs              on                     local
Storage/share  checksum              on                     default
Storage/share  compression           off                    local
Storage/share  atime                 on                     default
Storage/share  devices               on                     default
Storage/share  exec                  on                     default
Storage/share  setuid                on                     default
Storage/share  readonly              off                    default
Storage/share  zoned                 off                    default
Storage/share  snapdir               hidden                 default
Storage/share  aclmode               groupmask              local
Storage/share  aclinherit            restricted             local
Storage/share  canmount              on                     default
Storage/share  shareiscsi            off                    default
Storage/share  xattr                 on                     default
Storage/share  copies                1                      default
Storage/share  version               3                      -
Storage/share  utf8only              off                    -
Storage/share  normalization         none                   -
Storage/share  casesensitivity       mixed                  -
Storage/share  vscan                 off                    default
Storage/share  nbmand                on                     local
Storage/share  sharesmb              name=share             local
Storage/share  refquota              none                   default
Storage/share  refreservation        none                   default
Storage/share  primarycache          all                    default
Storage/share  secondarycache        all                    default
Storage/share  usedbysnapshots       0                      -
Storage/share  usedbydataset         688G                   -
Storage/share  usedbychildren        0                      -
Storage/share  usedbyrefreservation  0                      -

I know I am treading on frequently covered ground, but the "run the chmod" 
instructions that are given as an answer everywhere simply don't seem to work for me. 
What am I missing here? Am I seeing a legacy problem from having the ACLs disabled at 
some point? Am I improperly mounting the volume from the Windows side?

Any suggestions appreciated...this is getting frustrating! Thanks very much.

Thanks,

David
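
Added example, not part of the original thread: a small Python reader for the `ls -V` listing quoted above, showing the side note that the mode column can read as "no permissions" while the ACL entries grant full access. The function names are hypothetical, the sample text is constructed from the listing in the message, and the evaluation is a simplified per-letter "first matching entry wins" pass that ignores implicit owner rights and privileges.

```python
PERM_LETTERS = set("rwxpdDaARWcCos")  # compact permission letters printed by ls -V

# Constructed sample: the `ls -V` listing quoted in the thread.
SAMPLE = """\
----------+ 1 bryan share 59292 Jul 8 10:28 savedfromPS.psd
             user:bryan:rwxpdDaARWcCos:-------:allow
       group:2147483648:rwxpdDaARWcCos:-------:allow
"""

def parse_ls_v(text):
    """Split one `ls -V` record into (mode, owner, group, ACL entries)."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    mode, _links, owner, group = lines[0].split()[:4]
    entries = []
    for ln in lines[1:]:
        f = ln.strip().split(":")
        # owner@, group@ and everyone@ carry no id field; user: and group: do
        who = f[0] if f[0].endswith("@") else f[0] + ":" + f[1]
        entries.append((who, set(f[-3]) & PERM_LETTERS, f[-2], f[-1]))
    return mode, owner, group, entries

def acl_grants(text, user, groups=()):
    """Permission letters the ACL allows `user` (per letter, first matching entry wins)."""
    _mode, owner, group, entries = parse_ls_v(text)
    allowed, decided = set(), set()
    for who, perms, flags, kind in entries:
        if "i" in flags:  # inherit_only entries do not apply to the object itself
            continue
        applies = (
            who == "everyone@"
            or (who == "owner@" and user == owner)
            or (who == "group@" and group in groups)
            or who == "user:" + user
            or (who.startswith("group:") and who[6:] in groups)
        )
        if applies:
            if kind == "allow":
                allowed |= perms - decided
            decided |= perms
    return allowed

def mode_bits_empty(text):
    """True when the classic rwx columns show no access at all."""
    return set(parse_ls_v(text)[0][1:10]) == {"-"}

if __name__ == "__main__":
    print("mode bits empty:", mode_bits_empty(SAMPLE))
    print("ACL grants bryan:", "".join(sorted(acl_grants(SAMPLE, "bryan"))))
```
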