Hi, I've got exactly the same issue as Jerry, i.e. files created from Windows are not accessible to "local" users (I don't have any "local" users as such but also access the shares over NFS on other machines).
In additional, any folders/files that were pre-existing on the zfs dataset when it was shared are not accessible to Windows users. Is there a solution/workaround to this? R. Jerry Backlin wrote: > Afshin, > > Sorry I been on vacation a few days.... > > Below I hope you have the info you need. I'm very interested to see what > I been missing. > > TIA, > Jerry > > #ls -l > ----------+ 1 backlin staff 1109 Jan 31 11:09 nsswitch.conf > drwxrwxrwx+ 2 backlin staff 3 Jan 1 11:09 Solaris 10 > ----------+ 1 backlin staff 3937402880 Jan 29 18:06 solarisdvd.iso > drwxrwxrwx+ 4 backlin staff 5 Dec 15 18:37 StarOffice > # ls -vd > drwxrwxrwx+ 11 backlin staff 15 Feb 13 08:04 . > 0:user:backlin::deny > 1:user:backlin:list_directory/read_data/add_file/write_data > /add_subdirectory/append_data/read_xattr/write_xattr/execute > /delete_child/read_attributes/write_attributes/delete/read_acl > /write_acl/write_owner/synchronize:allow > 2:group:2147483648::deny > 3:group:2147483648:list_directory/read_data/add_file/write_data > /add_subdirectory/append_data/read_xattr/write_xattr/execute > /delete_child/read_attributes/write_attributes/delete/read_acl > /write_acl/write_owner/synchronize:allow > 4:owner@::deny > 5:owner@:list_directory/read_data/add_file/write_data/add_subdirectory > /append_data/write_xattr/execute/write_attributes/write_acl > /write_owner:allow > 6:group@::deny > 7:group@:list_directory/read_data/add_file/write_data/add_subdirectory > /append_data/execute:allow > 8:everyone@:write_xattr/write_attributes/write_acl/write_owner:deny > 9:everyone@:list_directory/read_data/add_file/write_data > /add_subdirectory/append_data/read_xattr/execute/read_attributes > /read_acl/synchronize:allow > # > > # ls -v > ----------+ 1 backlin staff 1109 Jan 31 11:09 nsswitch.conf > 0:user:backlin:read_data/write_data/append_data/read_xattr/write_xattr > /execute/delete_child/read_attributes/write_attributes/delete > /read_acl/write_acl/write_owner/synchronize:allow > 1:group:2147483648:read_data/write_data/append_data/read_xattr > /write_xattr/execute/delete_child/read_attributes/write_attributes > /delete/read_acl/write_acl/write_owner/synchronize:allow > drwxrwxrwx+ 2 backlin staff 3 Jan 1 11:09 Solaris 10 > 0:user:backlin::deny > 1:user:backlin:list_directory/read_data/add_file/write_data > /add_subdirectory/append_data/read_xattr/write_xattr/execute > /delete_child/read_attributes/write_attributes/delete/read_acl > /write_acl/write_owner/synchronize:allow > 2:group:2147483648::deny > 3:group:2147483648:list_directory/read_data/add_file/write_data > /add_subdirectory/append_data/read_xattr/write_xattr/execute > /delete_child/read_attributes/write_attributes/delete/read_acl > /write_acl/write_owner/synchronize:allow > 4:owner@::deny > 5:owner@:list_directory/read_data/add_file/write_data/add_subdirectory > /append_data/write_xattr/execute/write_attributes/write_acl > /write_owner:allow > 6:group@::deny > 7:group@:list_directory/read_data/add_file/write_data/add_subdirectory > /append_data/execute:allow > 8:everyone@:write_xattr/write_attributes/write_acl/write_owner:deny > 9:everyone@:list_directory/read_data/add_file/write_data > /add_subdirectory/append_data/read_xattr/execute/read_attributes > /read_acl/synchronize:allow > ----------+ 1 backlin staff 3937402880 Jan 29 18:06 solarisdvd.iso > 0:user:backlin:read_data/write_data/append_data/read_xattr/write_xattr > /execute/delete_child/read_attributes/write_attributes/delete > /read_acl/write_acl/write_owner/synchronize:allow > 1:group:2147483648:read_data/write_data/append_data/read_xattr > /write_xattr/execute/delete_child/read_attributes/write_attributes > /delete/read_acl/write_acl/write_owner/synchronize:allow > drwxrwxrwx+ 4 backlin staff 5 Dec 15 18:37 StarOffice > 0:user:backlin::deny > 1:user:backlin:list_directory/read_data/add_file/write_data > /add_subdirectory/append_data/read_xattr/write_xattr/execute > /delete_child/read_attributes/write_attributes/delete/read_acl > /write_acl/write_owner/synchronize:allow > 2:group:2147483648::deny > 3:group:2147483648:list_directory/read_data/add_file/write_data > /add_subdirectory/append_data/read_xattr/write_xattr/execute > /delete_child/read_attributes/write_attributes/delete/read_acl > /write_acl/write_owner/synchronize:allow > 4:owner@::deny > 5:owner@:list_directory/read_data/add_file/write_data/add_subdirectory > /append_data/write_xattr/execute/write_attributes/write_acl > /write_owner:allow > 6:group@::deny > 7:group@:list_directory/read_data/add_file/write_data/add_subdirectory > /append_data/execute:allow > 8:everyone@:write_xattr/write_attributes/write_acl/write_owner:deny > 9:everyone@:list_directory/read_data/add_file/write_data > /add_subdirectory/append_data/read_xattr/execute/read_attributes > /read_acl/synchronize:allow > # > > Afshin Salek wrote: >> Hi Jerry, >> >> If I have the actual ACL on the parent directory and the file >> created from Windows, I can better answer your questions. You >> can view the directory's ACL with "ls -vd" and file's ACL with >> "ls -v" >> >> As a general note, Windows inheritance rules are different from >> ZFS and/or POSIX rules. When you create a file from Windows you >> get the Windows rules not the latter (and it's not optional :) ) >> >> Thanks, >> Afshin >> >> Janice Chang wrote: >>> Hi Jerry. Thank you for the information. I'm cc'ing >>> [email protected], where most >>> of the CIFS folk hang out. >>> >>> Janice >>> >>> Jerry Backlin wrote: >>>> Janice, >>>> >>>> Below you have 2 files where the first one is written from a windows >>>> system. It seems to pick up the right owner but the file protection >>>> is set up to disallow users on the solaris system to access the >>>> file. This means that if I want >>>> to access the file when logged in on Solaris I need to change the >>>> protection. The parent directory have the protection set up to allow >>>> everybody full access and I work in workgroup mode. >>>> >>>> ----------+ 1 backlin staff 1109 Jan 31 11:09 nsswitch.conf >>>> drwxrwxrwx+ 2 backlin staff 3 Jan 1 11:09 Solaris 10 >>>> >>>> I assume there must be a way to set up zfs to allow files to be >>>> accessed by the same user on the solaris system and also manage who >>>> has access to a file created from a networked windows system. >>>> >>>> In addition I can't create folders from a windows system, I get >>>> access denied. Is there something I have missed when setting up the >>>> system? >>>> >>>> TIA, >>>> Jerry >>>> >>>> >>>> >>>> >>>> Janice Chang wrote: >>>>> Hi Jerry. Thank you for your inquiry. >>>>> >>>>> Would appreciate some examples showing the permissions set from >>>>> Windows and what is seen vs. what is expected on the Solaris server. >>>>> >>>>> Thanks! >>>>> Janice >>>>> >>>>> Jerry Backlin wrote: >>>>>> I'm using sharesmb (b82) in my home office server with XP & W2K >>>>>> clients. Upgrades have caused some hickups and the smbpasswd file >>>>>> had been reset for me but that is addressed now. >>>>>> I can not get my hands around how file protection should be set >>>>>> up. currently a file written into the zfs share does not inherit >>>>>> the protection parent filesystem, from solaris you have no access. >>>>>> I assume this has not been addressed yet >>>>>> >>>>>> Jerry >>>>>> >>>>>> >>>>>> This message posted from opensolaris.org >>>>>> _______________________________________________ >>>>>> opensolaris-discuss mailing list >>>>>> [EMAIL PROTECTED] >>>>>> >>>> _______________________________________________ >>>> opensolaris-discuss mailing list >>>> [EMAIL PROTECTED] >>>> >>> _______________________________________________ >>> storage-discuss mailing list >>> [email protected] >>> http://mail.opensolaris.org/mailman/listinfo/storage-discuss >> >> > _______________________________________________ > storage-discuss mailing list > [email protected] > http://mail.opensolaris.org/mailman/listinfo/storage-discuss _______________________________________________ storage-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/storage-discuss
