Re: [cifs-discuss] diff between sharesnb and sharenfs
Dick Hoogendijk wrote: On 6-5-2010 8:14, Ryan John wrote: Hi Dick, I'm not a developer, just a user, but I had the same problem. The following recipe worked for me, and I hope it helps. I'm just cutting/paste from my wiki. Create the share: ~# zfs create -o casesensitivity=mixed -o nbmand=on pool/tank ~# zfs set aclmode=passthrough pool/tank # These 2 parameters are needed if you are ~# zfs set aclinherit=passthrough pool/tank # also going to share files with NFSv3 ~# zfs set sharesmb=on pool/tank ~# zfs set sharesmb=name=tank pool/tank Change the ACLs: ~# cd /pool/tank ~# chmod A=everyone@:r-a-R-c--s:---:allow . # needed for nfs3 mount by root ~# chmod A+group@:rwxp--:fd-:allow . ~# chmod A+owner@: rwxp---A-W-Co-:fd-:allow . ~# chmod A+group:some_group:rwxpd-aARWc--s:fd:allow . ~# chmod A+group:admin_group:rwxpdDaARWcCos:fd:allow . The first 3 lines will make the trivial ACLs look like (drwxrwxr--) Thanks for the explanation. It's very clear. One thing thouhg: the zfs shares do already exist. Do I have to recreate them or can I just add the options "casesensitivity, nbmand,aclmode,aclinherit" to the existing zfs datasets? If you want to change casesensitivity, you will need to recreate the dataset: it can only be set on dataset creation and 'mixed' is almost always the right choice when sharing files between Windows and UNIX environments. IIRC, the others can be set as required on an existing dataset The zfs man page has more details. If you can update to the most recent snv dev build, you should get a set of improvements in this area. Alan ___ cifs-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
Re: [cifs-discuss] diff between sharesnb and sharenfs
We've done a lot of work in this area in recent builds. I think there were 6 or 7 CRs in total but some important ones to look for are: 6899409 Preserve owner@/group@ across SMB PSARC 2009/683 Reserved uid/gid for distinguishing unmappable users/groups in NFSv4 ACLs 6261858 ls(1) -l, getfacl(1), and setfacl(1) can return "Permission denied" due to "nobody" and ACLs PSARC/2010/029 Improved ACL interoperability 6923083 ZFS/NFS/SMB ACL interoperability changes I think the scenarios below will go away with these updates. Alan -- Ryan John wrote: Hi Dick, I'm not a developer, just a user, but I had the same problem. The following recipe worked for me, and I hope it helps. I'm just cutting/paste from my wiki. Create the share: ~# zfs create -o casesensitivity=mixed -o nbmand=on pool/tank ~# zfs set aclmode=passthrough pool/tank # These 2 parameters are needed if you are ~# zfs set aclinherit=passthrough pool/tank # also going to share files with NFSv3 ~# zfs set sharesmb=on pool/tank ~# zfs set sharesmb=name=tank pool/tank Change the ACLs: ~# cd /pool/tank ~# chmod A=everyone@:r-a-R-c--s:---:allow . # needed for nfs3 mount by root ~# chmod A+group@:rwxp--:fd-:allow . ~# chmod A+owner@: rwxp---A-W-Co-:fd-:allow . ~# chmod A+group:some_group:rwxpd-aARWc--s:fd:allow . ~# chmod A+group:admin_group:rwxpdDaARWcCos:fd:allow . The first 3 lines will make the trivial ACLs look like (drwxrwxr--) Regards John -Original Message- From: [email protected] [mailto:[email protected]] On Behalf Of Dick Hoogendijk Sent: 05 May 2010 22:04 To: [email protected] Subject: [cifs-discuss] diff between sharesnb and sharenfs I have some ZFS datasets that are shared through CIFS/NFS. So I created them with sharenfs/sharesmb options. I have full access from windows (through cifs) to the datasets, however, all files and directories are created with (UNIX) permisions of (--)/(d--). So, although I can access the files now from my windows machiens, I can -NOT- access the same files with NFS. I know I gave myself full permissions in the ACL list. That's why sharesmb works I guess. But what do I have to do to make -BOTH- work? ___ cifs-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
Re: [cifs-discuss] diff between sharesnb and sharenfs
On 6-5-2010 8:14, Ryan John wrote: Hi Dick, I'm not a developer, just a user, but I had the same problem. The following recipe worked for me, and I hope it helps. I'm just cutting/paste from my wiki. Create the share: ~# zfs create -o casesensitivity=mixed -o nbmand=on pool/tank ~# zfs set aclmode=passthrough pool/tank # These 2 parameters are needed if you are ~# zfs set aclinherit=passthrough pool/tank # also going to share files with NFSv3 ~# zfs set sharesmb=on pool/tank ~# zfs set sharesmb=name=tank pool/tank Change the ACLs: ~# cd /pool/tank ~# chmod A=everyone@:r-a-R-c--s:---:allow . # needed for nfs3 mount by root ~# chmod A+group@:rwxp--:fd-:allow . ~# chmod A+owner@: rwxp---A-W-Co-:fd-:allow . ~# chmod A+group:some_group:rwxpd-aARWc--s:fd:allow . ~# chmod A+group:admin_group:rwxpdDaARWcCos:fd:allow . The first 3 lines will make the trivial ACLs look like (drwxrwxr--) Thanks for the explanation. It's very clear. One thing thouhg: the zfs shares do already exist. Do I have to recreate them or can I just add the options "casesensitivity, nbmand,aclmode,aclinherit" to the existing zfs datasets? -- + All that's really worth doing is what we do for others (Lewis Carrol) ___ cifs-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
Re: [cifs-discuss] diff between sharesnb and sharenfs
Hi Dick, I'm not a developer, just a user, but I had the same problem. The following recipe worked for me, and I hope it helps. I'm just cutting/paste from my wiki. Create the share: ~# zfs create -o casesensitivity=mixed -o nbmand=on pool/tank ~# zfs set aclmode=passthrough pool/tank # These 2 parameters are needed if you are ~# zfs set aclinherit=passthrough pool/tank # also going to share files with NFSv3 ~# zfs set sharesmb=on pool/tank ~# zfs set sharesmb=name=tank pool/tank Change the ACLs: ~# cd /pool/tank ~# chmod A=everyone@:r-a-R-c--s:---:allow . # needed for nfs3 mount by root ~# chmod A+group@:rwxp--:fd-:allow . ~# chmod A+owner@: rwxp---A-W-Co-:fd-:allow . ~# chmod A+group:some_group:rwxpd-aARWc--s:fd:allow . ~# chmod A+group:admin_group:rwxpdDaARWcCos:fd:allow . The first 3 lines will make the trivial ACLs look like (drwxrwxr--) Regards John -Original Message- From: [email protected] [mailto:[email protected]] On Behalf Of Dick Hoogendijk Sent: 05 May 2010 22:04 To: [email protected] Subject: [cifs-discuss] diff between sharesnb and sharenfs I have some ZFS datasets that are shared through CIFS/NFS. So I created them with sharenfs/sharesmb options. I have full access from windows (through cifs) to the datasets, however, all files and directories are created with (UNIX) permisions of (--)/(d--). So, although I can access the files now from my windows machiens, I can -NOT- access the same files with NFS. I know I gave myself full permissions in the ACL list. That's why sharesmb works I guess. But what do I have to do to make -BOTH- work? -- + All that's really worth doing is what we do for others (Lewis Carrol) ___ cifs-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/cifs-discuss ___ cifs-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
