On Tue, 8 Nov 2016, Bill Maidment wrote:
Hi again
My research has revealed that nfs in SL 7.2 is translating the
POSIX ACL to NFSv4 ACL (a completely different format).
I wondered if that was the problem. Sun was working hard to be compatible
with Microsoft when the NFSv4 ACL spec was written.
vi appears to recognise NFSv4 ACL, but Nautilus, ls and probably other
programs, only seem to recognise POSIX ACL.
So I have the following alternatives:
1. Stop nfs translating to NFSv4 ACL
2. Change the guest mount to translate NFSv4 ACL back to POSIX ACL
3. Change Nautilus, etc to recognise NFSv4 ACL
4. Use Samba instead of nfs
I'm not sure if 1. or 2. are possible and 3. may happen one day.
Does anyone know of a practical solution/workaround?
Since NFS ACLs are Microsoft-like, Samba may not solve the issue -
https://wiki.samba.org/index.php/Shares_with_POSIX_ACLs#File_system_ACLs
does not appear to mention setfacl or getfacl ...
Do you need to use ACLs, or can you get by with unix user/group/other ?
You may get more reliable behaviour if you work on a directory nearer the
branches. Permissions on the mount-point directory are often "interesting"
edge cases and often different between client and server and can change
when the remote tree is mounted or unmounted. An automounter will add an
extra layer of complication.
Cheers
Bill
-----Original message-----
From:Bill Maidment <[email protected]>
Sent: Sunday 6th November 2016 19:56
To: Karel Lang AFD <[email protected]>; [email protected]
Subject: RE: ACL Problem in SL7.2
Thanks for the response Karel.
umask is the standard 0022 and this is a top level directory on the host
machine.
I am using SL 6.8 to access the directory via nfs share.
It looks like there is no problem if the file is created with vi
But if I use Nautilus then that's when I get the issue.
So Nautilus on SL 6.8 seems to be the culprit (or is it caused by nfs?)
Cheers
Bill
-----Original message-----
From:Karel Lang AFD <[email protected]>
Sent: Sunday 6th November 2016 16:16
To: Bill Maidment <[email protected]>; [email protected]
Subject: Re: ACL Problem in SL7.2
Hi Bill
just pasted your work here to CLI and works OK on SL 6.7 and SL 7.2 here...
It has to be something else .. umask? or inherited from directory higher up?
Maybe strace would help to see whats happening exactly?
cheers
On 11/06/2016 03:58 AM, Bill Maidment wrote:
Hi
I am trying to set up ACL on a directory such that any new file created in the
directory has permissions of 0660.
However, when I create a new file, the permissions are set as 0664 (see
test.txt file below)
Is this a bug or am I doing something wrong?
These are the commands I used:
chmod -R u+rwX,g+rwXs,o-rwx /pictures
setfacl -d -m u::rwx,g::rwx,o::--- /pictures
getfacl /pictures
getfacl: Removing leading '/' from absolute path names
# file: pictures
# owner: nfs01
# group: nfs01
# flags: -s-
user::rwx
group::rwx
other::---
default:user::rwx
default:group::rwx
default:other::---
ls -latrh /pictures
total 4.0K
dr-xr-xr-x. 22 root root 4.0K Nov 6 12:41 ..
drwxrws---+ 2 nfs01 nfs01 21 Nov 6 13:10 Testing
-rw-rw-r-- 1 nfs01 nfs01 0 Nov 6 13:44 test.txt
drwxrws---+ 3 nfs01 nfs01 35 Nov 6 13:44 .
Cheers
Bill Maidment
