Hi,
I am trying to construct a simple storage using OpenSolaris in order to
access from Windows Server.
1. OpenSolaris side
- default installation of ver.134
- server name: zfs-150
- samba package installed
- successfully joined to a windows domain(e.g., winzdreamlab.local)
2. Windows Server side
- Windows Server 2003 w/ SP2 installed
With the above environment, I've tried the following procedures:
I. In OpenSolaris system:
1. Created a pool in the OpenSolaris system
-> pfexec zpool create -f -o autoreplace=on pool1 c5d0
2. Created an LV
-> pfexec zfs create -o casesensitivity=mixed -o sharesmb=on -o nbmand=on
pool1/lv1
3. Set a share name
-> pfexec zfs set sharesmb=name=lv1 pool1/lv1
II. In Windows Server 2003 Enterprise,
1. Added a network drive /pool1/lv1 of zfs-150
III. In OpenSolaris System
1. Set a permission of the administrator of Windows 2003 server.
-> pfexec /bin/chmod
A+user:administra...@winzdreamlab.local:rwxpdDaARWcCos:fd-----:allow
/pool1/lv1
-> r...@zfs-150:/# /bin/ls -Vd /pool1/lv1
drwxr-x---+ 2 root root 2 Oct 10 09:18 /pool1/lv1
user:administra...@winzd:rwxpdDaARWcCos:fd-----:allow
owner@:--------------:-------:deny
owner@:rwxpdDaARWcCos:fd-----:allow
group@:-w-p----------:-------:deny
group@:r-x-----------:fd-----:allow
everyone@:rwxp---A-W-Co-:-------:deny
everyone@:------a-R-c--s:-------:allow
IV. In Windows 2003 Server,
1. Removed "file creation/write date" permission
V. In OpenSolaris
-> pfexec /bin/ls -Vd /pool1/lv1
r...@z6s-150-123:/# /bin/ls -Vd /pool1/lv1
d---------+ 2 root root 2 Oct 10 09:18 /pool1/lv1
group@:-w-p----------:-------:deny
everyone@:rwxp---A-W-Co-:-------:deny
user:administra...@winzd:r-xpdDaARWcCos:fd-----:allow
group@:r-x----------s:fd-----:allow
owner@:rwxpdDaARWcCos:fd-----:allow
everyone@:------a-R-c--s:-------:allow
As you can see the above result, the order of ACEs has been changed; which
means "Administrator" of Windows 2003 server does not have a right to read
the LV, /pool1/lv1, although I didn't disallow "READ" permission.
I am wondering if there's a way to preserve the order of ACEs even though I
change the permission to the LV in Windows 2003 server.
Please let me know if there's an existing thread for the above situation, if
there's a way to preserve the order when an LV is created, or if there's any
alternative way to avoid the above situatin...
Any advice/comment will be greatly appreciated.
Thanks.
_______________________________________________
storage-discuss mailing list
storage-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/storage-discuss
