On 02/19/10 12:30, Drew Balfour wrote:
I am trying to configure a system where there are two shares which
point to
the same directory. One of the shares is read-only and the other is
read-write. I want the read-only to prevent file deletes, even if the
user
does have the required file level permissions to delete it.
That should work, provided you've got all the permissions set up
correctly. First off, could you run the cifs-gendiag script and post the
output? Also, ls -V of a sample file that you're able to delete from the
-ro share.
sharemgr show the state-ro share as being ro from everywhere/everyone,
but I
can still delete a file from that share. Maybe I don't understand how
it is
supposed to work.
Have you tried only sharing the filesystem as read only, to confirm that
part is working? How are you connecting to the share, as Guest or as a
domain or local user?
The ro/rw/none=<access-list> option is intented to control access
based on the client connecting to the system. For example,
ro=client means that connections from "client" will not be allowed
to modify files on the share but the same users will be able to
modify files from a different host, although you can use wildcards.
However ... I just looked at the code and I think there may be a
problem. We'll investigate.
An alternative is to use share ACLs. You can set the share ACL to
Read using a Windows client: MyComputer -> Manage <connect your
system> -> Shares -> Properties -> Share Permissions.
Or you can use chmod:
cd /path-to-dataset/.zfs/shares
chmod A=everyone@:read_set/execute:fd:allow read-only-share
chmod A=everyone@:full_set:fd:allow read-write-share
Alan
_______________________________________________
cifs-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
