[nfs-discuss] Why does inserting user permission block client from seeing ACL's?

Tue, 16 Jun 2009 12:02:47 -0700 

Hey Lisa,

So no new info was posted to that other thread? I guess the outlook is not good?

http://www.opensolaris.org/jive/thread.jspa?threadID=104740&tstart=0

http://bugs.opensolaris.org/bugdatabase/search.do;jsessionid=a719b03117f52b3d335e01d5b3b2?process=1&type=&sortBy=relevance&bugStatus=&perPage=10&bugId=6261858&keyword=&textSearch=&category=&subcategory=&since
 

There appears to be no workaround either? I'm very new to NFSv4, so anything 
you can add would be appreciated.

Thanks,
John

-----Original Message-----
From: Lisa.Week at Sun.COM [mailto:lisa.w...@sun.com] 
Sent: Tuesday, June 16, 2009 11:55 AM
To: John Keiffer
Cc: nfs-discuss at opensolaris.org
Subject: Re: [nfs-discuss] Why does inserting user permission block client from 
seeing ACL's?

Looks like you are running into bug:
6261858 ls(1) -l, getfacl(1), and setfacl(1) can return "Permission  
denied" due to "nobody" and ACLs

See the June 4/5 discussion on this alias for info on this bug.

Thanks,
Lisa

On Jun 16, 2009, at 12:14 PM, John Keiffer wrote:

> I have a Solaris client that is not yet part of a domain (working on  
> it). I have the Leopard system joined to the Matrix domain and has  
> LDAP enabled. When I add an LDAP user to a folder, the client can no  
> longer list the ACLs. Its doesn't matter if the user is put at the  
> top of the ACL list (default), or the bottom (done manually).
>
> Why doesn't this work?
>
> System permissions:
>
>     nmc at Leopard-1:/pool1/acl-test-1$ ls -dV
>     drwxrwxrwx+  7 root     root          15 Jun 15 15:03 .
>             user:qacifs7077:rwxp---A-W-Co-:-------:allow  ? LDAP  
> user added via      NMV
>                      owner@:--------------:-------:deny
>                      owner@:rwxp---A-W-Co-:-------:allow
>                   everyone@:rwxp--a---c---:-------:allow
>                      group@:-w-p----------:-------:deny
>                      group@:r-x-----------:-------:allow
>
> Client response:
>
>     dumpin at c16r75:/mnt/leo1/acl-test-1# ls -dV
>     ls: can't read ACL on .: Permission denied
>     drwxrwxrwx   7 nobody   nobody        15 Jun 15 15:03 .
> -- 
> This message posted from opensolaris.org
> _______________________________________________
> nfs-discuss mailing list
> nfs-discuss at opensolaris.org

Reply via email to