Hi John, On Jun 16, 2009, at 1:02 PM, John Keiffer wrote:
> Hey Lisa, > > So no new info was posted to that other thread? I guess the outlook > is not good? > It is on my "to do" list for this week to look into the bug. I'll post more on that thread later this week. > http://www.opensolaris.org/jive/thread.jspa?threadID=104740&tstart=0 > > http://bugs.opensolaris.org/bugdatabase/search.do;jsessionid=a719b03117f52b3d335e01d5b3b2?process=1&type=&sortBy=relevance&bugStatus=&perPage=10&bugId=6261858&keyword=&textSearch=&category=&subcategory=&since > > There appears to be no workaround either? I'm very new to NFSv4, so > anything you can add would be appreciated. > Once the Solaris client knows about the user "qacifs" this problem will go away. Thanks, Lisa > > -----Original Message----- > From: Lisa.Week at Sun.COM [mailto:Lisa.Week at Sun.COM] > Sent: Tuesday, June 16, 2009 11:55 AM > To: John Keiffer > Cc: nfs-discuss at opensolaris.org > Subject: Re: [nfs-discuss] Why does inserting user permission block > client from seeing ACL's? > > Looks like you are running into bug: > 6261858 ls(1) -l, getfacl(1), and setfacl(1) can return "Permission > denied" due to "nobody" and ACLs > > See the June 4/5 discussion on this alias for info on this bug. > > Thanks, > Lisa > > On Jun 16, 2009, at 12:14 PM, John Keiffer wrote: > >> I have a Solaris client that is not yet part of a domain (working on >> it). I have the Leopard system joined to the Matrix domain and has >> LDAP enabled. When I add an LDAP user to a folder, the client can no >> longer list the ACLs. Its doesn't matter if the user is put at the >> top of the ACL list (default), or the bottom (done manually). >> >> Why doesn't this work? >> >> System permissions: >> >> nmc at Leopard-1:/pool1/acl-test-1$ ls -dV >> drwxrwxrwx+ 7 root root 15 Jun 15 15:03 . >> user:qacifs7077:rwxp---A-W-Co-:-------:allow ? LDAP >> user added via NMV >> owner@:--------------:-------:deny >> owner@:rwxp---A-W-Co-:-------:allow >> everyone@:rwxp--a---c---:-------:allow >> group@:-w-p----------:-------:deny >> group@:r-x-----------:-------:allow >> >> Client response: >> >> dumpin at c16r75:/mnt/leo1/acl-test-1# ls -dV >> ls: can't read ACL on .: Permission denied >> drwxrwxrwx 7 nobody nobody 15 Jun 15 15:03 . >> -- >> This message posted from opensolaris.org >> _______________________________________________ >> nfs-discuss mailing list >> nfs-discuss at opensolaris.org >
