Hi,

I am trying to construct a simple storage using OpenSolaris in order to
access from Windows Server.

1. OpenSolaris side
- default installation of ver.134
- server name: zfs-150
- samba package installed
- successfully joined to a windows domain(e.g., winzdreamlab.local)

2. Windows Server side
- Windows Server 2003 w/ SP2 installed


With the above environment, I've tried the following procedures:


I. In OpenSolaris system:

1.  Created a pool in the OpenSolaris system
-> pfexec zpool create -f -o autoreplace=on pool1 c5d0

2. Created an LV
-> pfexec zfs create -o casesensitivity=mixed -o sharesmb=on -o nbmand=on
pool1/lv1

3. Set a share name
-> pfexec zfs set sharesmb=name=lv1 pool1/lv1


II. In Windows Server 2003 Enterprise,

1. Added a network drive /pool1/lv1 of zfs-150


III. In OpenSolaris System

1. Set a permission of the administrator of Windows 2003 server.
-> pfexec /bin/chmod
A+user:administra...@winzdreamlab.local:rwxpdDaARWcCos:fd-----:allow
/pool1/lv1
-> r...@zfs-150:/# /bin/ls -Vd /pool1/lv1
drwxr-x---+  2 root     root           2 Oct 10 09:18 /pool1/lv1
   user:administra...@winzd:rwxpdDaARWcCos:fd-----:allow
                owner@:--------------:-------:deny
                owner@:rwxpdDaARWcCos:fd-----:allow
                group@:-w-p----------:-------:deny
                group@:r-x-----------:fd-----:allow
              everyone@:rwxp---A-W-Co-:-------:deny
              everyone@:------a-R-c--s:-------:allow

IV. In Windows 2003 Server,
1. Removed "file creation/write date" permission

V. In OpenSolaris
-> pfexec /bin/ls -Vd /pool1/lv1
r...@z6s-150-123:/# /bin/ls -Vd /pool1/lv1
d---------+  2 root     root           2 Oct 10 09:18 /pool1/lv1
                 group@:-w-p----------:-------:deny
              everyone@:rwxp---A-W-Co-:-------:deny
    user:administra...@winzd:r-xpdDaARWcCos:fd-----:allow
                 group@:r-x----------s:fd-----:allow
                 owner@:rwxpdDaARWcCos:fd-----:allow
              everyone@:------a-R-c--s:-------:allow


As you can see the above result, the order of ACEs has been changed; which
means "Administrator" of Windows 2003 server does not have a right to read
the LV, /pool1/lv1, although I didn't disallow "READ" permission.


I am wondering if there's a way to preserve the order of ACEs even though I
change the permission to the LV in Windows 2003 server.

Please let me know if there's an existing thread for the above situation, if
there's a way to preserve the order when an LV is created, or if there's any
alternative way to avoid the above situatin...
Any advice/comment will be greatly appreciated.

Thanks.
_______________________________________________
storage-discuss mailing list
storage-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/storage-discuss

Reply via email to