[OpenIndiana-discuss] Problems with ZFS ACL vs 'normal' ACL
Gordon Ross
gordon.w.ross at gmail.com
Mon Apr 9 21:45:10 UTC 2012
Generally, no, but I'm curious about whether there might be a bug here,
or possibly just a configuration problem like aclmode=discard and
some NFS or local access causing the ACL to be discarded.
Maybe netatalk is the culpert?
On Mon, Apr 9, 2012 at 5:20 PM, Martin Frost <me at cs.stanford.edu> wrote:
> Is there some issue with sharing via both SMB/CIFS and NFS?
>
> I am planning to share the same filesystems by NFS and CIFS in oi_148.
>
> Martin
>
> > Date: Mon, 9 Apr 2012 13:54:42 -0400
> > From: Gordon Ross <gordon.w.ross at gmail.com>
> >
> > Is there an NFS share of the same directory? Or any local process
> > unpacking files here?
> >
> > On Mon, Apr 9, 2012 at 1:02 PM, Robbie Crash <sardonic.smiles at gmail.com> wr=
> > ote:
> > > Hello,
> > >
> > > I'm having some issues that are undoubtedly my fault, but that I've been
> > > unable to fix.
> > >
> > > I have several FS shared via SMB, the shares work and the data is
> > > available, and I can create new files/directories without issue. However,=
> > I
> > > cannot edit nor delete files consistently. Usually it works for a few days
> > > or a few weeks, then all of a sudden, I cannot rename files/directories or
> > > edit existing files. I usually can fix the issue by altering the ZFS ACL
> > > using /usr/bin/chmod instead of the default one in /usr/gnu/bin/chmod, and
> > > giving full_set and read_set as requried. This is really annoying and has
> > > to be redone seemingly at random.
> > >
> > > I've tried setting aclmode and aclinherit to discard, but that hasn't
> > > helped at all. Setting to passthrough and reapplying seems to get things
> > > working for a while, then back to getting denied.
> > >
> > > The command I'm running to set the permissions is:
> > > $ /usr/bin/chmod A=3Downer@:full_set:fd:allow,group@
> > > :read_set:fd:allow,everyone@:read_set:fd:allow /Data/Dir
> > >
> > > Which gives me:
> > > $ /usr/bin/ls -lV /Data/
> > > drwxr--r--+ 25 robbie =A0 staff =A0 =A0 =A0 =A0 25 Jan 14 15:34 Dir
> > > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 owner@:rwxpdDaARWcCos:fd----I:allow
> > > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 group@:r-----a-R-c--s:fd----I:allow
> > > =A0 =A0 =A0 =A0 =A0 =A0 =A0everyone@:r-----a-R-c--s:fd----I:allow
> > >
> > > A normal ls just shows whatever was set with /usr/gnu/bin/chmod.
> > >
> > > Generally speaking if I do /usr/bin/ls before resetting the permissions, I
> > > get something along the lines of owner@:rwxpdDaARWcCos:------I:allow, so
> > > just the fd bits not set.
> > >
> > > Logged in locally to the box things work properly. I can rename/move/edit
> > > files without issue, it's just over SMB that there's an issue.
> > >
> > > The pool was originally created under ZFS on Linux running under Ubuntu,
> > > exported from there, and imported into OI151. Most of the shares are also
> > > configured as netatalk shares for OSX clients. I have not tested to see if
> > > OSX users have issues editing files, but I don't care about if they can
> > > since none of the OSX users should be able to edit anything on the server.
> > > Windows clients are all Windows 7 and are joined to an AD Domain, but are
> > > authenticating as local users. SMB is using local account authentication,
> > > not AD Integrated.
> > >
> > > --
> > > Seconds to the drop, but it seems like hours.
> > >
> > > http://www.eff.org/
> > > <http://www.eff.org/>http://creativecommons.org/
> > > _______________________________________________
> > > OpenIndiana-discuss mailing list
> > > OpenIndiana-discuss at openindiana.org
> > > http://openindiana.org/mailman/listinfo/openindiana-discuss
>
> _______________________________________________
> OpenIndiana-discuss mailing list
> OpenIndiana-discuss at openindiana.org
> http://openindiana.org/mailman/listinfo/openindiana-discuss
More information about the OpenIndiana-discuss
mailing list