Anybody have similar problems as the following
(https://www.illumos.org/issues/3571)?
I have a recurrent problem with a particular use-case involving
inherited ACLs in a ZFS shared directory (that is generally NFS and CIFS
shared as well).
when copying directory trees, the ACLs seem not to be respected.
I can easily reproduce the problem as follows in a subdirectory of $HOME:
richard@x3200:~$ zfs get aclmode,aclinherit,xattr dpool/export/home/richard
NAME PROPERTY VALUE SOURCE
dpool/export/home/richard aclmode passthrough local
dpool/export/home/richard aclinherit passthrough local
dpool/export/home/richard xattr on default
richard@x3200: ~$ /usr/bin/mkdir testacl
richard@x3200:~$ /usr/bin/chmod A=everyone@:rwxpdDaARWcCos:fd-----:allow
testacl
richard@x3200:~$ mkdir testacl/foo
richard@x3200:~$ touch testacl/foo/foo.txt
richard@x3200:~$ ls -ladV testacl/ testacl/foo/ testacl/foo/foo.txt
drwxrwxrwx+ 3 richard staff 3 févr. 17 17:22 testacl//
everyone@:rwxpdDaARWcCos:fd-----:allow
drwxrwxrwx+ 2 richard staff 3 févr. 17 17:22 testacl/foo//
everyone@:rwxpdDaARWcCos:fd----I:allow
-rwxrwxrwx+ 1 richard staff 0 févr. 17 17:22 testacl/foo/foo.txt*
everyone@:rwxpdDaARWcCos:------I:allow
up to here all is cool.
richard@x3200:~$ mkdir testacl/bar
richard@x3200:~$ /usr/bin/cp testacl/foo/foo.txt testacl/bar/
richard@x3200:~$ /usr/bin/cp -R testacl/foo testacl/bar/
richard@x3200:~$ ls -laV testacl/bar testacl/bar/foo
testacl/bar:
total 10
drwxrwxrwx+ 3 richard staff 4 févr. 17 17:24 ./
everyone@:rwxpdDaARWcCos:fd----I:allow
drwxrwxrwx+ 4 richard staff 4 févr. 17 17:23 ../
everyone@:rwxpdDaARWcCos:fd-----:allow
drwxrwxrwx 2 richard staff 3 févr. 17 17:24 foo/
owner@:rwxp--aARWcCos:-------:allow
group@:rwxp--a-R-c--s:-------:allow
everyone@:rwxp--a-R-c--s:-------:allow
-rwxrwxrwx+ 1 richard staff 0 févr. 17 17:24 foo.txt*
everyone@:rwxpdDaARWcCos:------I:allow
testacl/bar/foo:
total 7
drwxrwxrwx 2 richard staff 3 févr. 17 17:24 ./
owner@:rwxp--aARWcCos:-------:allow
group@:rwxp--a-R-c--s:-------:allow
everyone@:rwxp--a-R-c--s:-------:allow
drwxrwxrwx+ 3 richard staff 4 févr. 17 17:24 ../
everyone@:rwxpdDaARWcCos:fd----I:allow
-rwxr-xr-x 1 richard staff 0 févr. 17 17:24 foo.txt*
owner@:rwxp--aARWcCos:-------:allow
group@:r-x---a-R-c--s:-------:allow
everyone@:r-x---a-R-c--s:-------:allow
Yes, I said "_bollocks_" too.
Am I missing something in the semantic meaning of aclinherit and
aclmode, or is there indeed something awry with directory copies?
For our installation, the users are using typically nautilus (locally
and nfs) or windows explorer (cifs) and copy/paste of directory trees is
quite common.
Currently I have to intervene frequently to reset the ACL.
By the way, I can do the following with the command line:
richard@x3200:~$ /usr/bin/mkdir foobar
richard@x3200:~$ /usr/bin/cp -rp -/ testacl/foo/ testacl/foobar/
richard@x3200:~$ ls -laV testacl/foobar/ testacl/foobar/
testacl/foobar/:
total 7
drwxrwxrwx+ 2 richard staff 3 févr. 17 17:22 ./
everyone@:rwxpdDaARWcCos:fd----I:allow
drwxrwxrwx+ 5 richard staff 5 févr. 17 17:44 ../
everyone@:rwxpdDaARWcCos:fd-----:allow
-rwxrwxrwx+ 1 richard staff 0 févr. 17 17:22 foo.txt*
everyone@:rwxpdDaARWcCos:------I:allow
testacl/foobar/:
total 7
drwxrwxrwx+ 2 richard staff 3 févr. 17 17:22 ./
everyone@:rwxpdDaARWcCos:fd----I:allow
drwxrwxrwx+ 5 richard staff 5 févr. 17 17:44 ../
everyone@:rwxpdDaARWcCos:fd-----:allow
-rwxrwxrwx+ 1 richard staff 0 févr. 17 17:22 foo.txt*
everyone@:rwxpdDaARWcCos:------I:allow
But again, not with nautilus or explorer.
This is with SunOS x3200 5.11 oi_151a7 i86pc i386 i86pc
-------------------------------------------
illumos-discuss
Archives: https://www.listbox.com/member/archive/182180/=now
RSS Feed: https://www.listbox.com/member/archive/rss/182180/21175430-2e6923be
Modify Your Subscription:
https://www.listbox.com/member/?member_id=21175430&id_secret=21175430-6a77cda4
Powered by Listbox: http://www.listbox.com
