[OpenIndiana-discuss] Problems with ZFS ACL vs 'normal' ACL

Robbie Crash sardonic.smiles at gmail.com
Mon Apr 9 21:48:28 UTC 2012 

I thought that as well, but I have the same problems on FSes that are not
shared via netatalk, and have no netatalk shares on subdirectories. So,
that doesn't seem likely.

On Mon, Apr 9, 2012 at 17:45, Gordon Ross <gordon.w.ross at gmail.com> wrote:

> Generally, no, but I'm curious about whether there might be a bug here,
> or possibly just a configuration problem like aclmode=discard and
> some NFS or local access causing the ACL to be discarded.
> Maybe netatalk is the culpert?
>
>
> On Mon, Apr 9, 2012 at 5:20 PM, Martin Frost <me at cs.stanford.edu> wrote:
> > Is there some issue with sharing via both SMB/CIFS and NFS?
> >
> > I am planning to share the same filesystems by NFS and CIFS in oi_148.
> >
> > Martin
> >
> >  > Date: Mon, 9 Apr 2012 13:54:42 -0400
> >  > From: Gordon Ross <gordon.w.ross at gmail.com>
> >  >
> >  > Is there an NFS share of the same directory?  Or any local process
> >  > unpacking files here?
> >  >
> >  > On Mon, Apr 9, 2012 at 1:02 PM, Robbie Crash <
> sardonic.smiles at gmail.com> wr=
> >  > ote:
> >  > > Hello,
> >  > >
> >  > > I'm having some issues that are undoubtedly my fault, but that I've
> been
> >  > > unable to fix.
> >  > >
> >  > > I have several FS shared via SMB, the shares work and the data is
> >  > > available, and I can create new files/directories without issue.
> However,=
> >  >  I
> >  > > cannot edit nor delete files consistently. Usually it works for a
> few days
> >  > > or a few weeks, then all of a sudden, I cannot rename
> files/directories or
> >  > > edit existing files. I usually can fix the issue by altering the
> ZFS ACL
> >  > > using /usr/bin/chmod instead of the default one in
> /usr/gnu/bin/chmod, and
> >  > > giving full_set and read_set as requried. This is really annoying
> and has
> >  > > to be redone seemingly at random.
> >  > >
> >  > > I've tried setting aclmode and aclinherit to discard, but that
> hasn't
> >  > > helped at all. Setting to passthrough and reapplying seems to get
> things
> >  > > working for a while, then back to getting denied.
> >  > >
> >  > > The command I'm running to set the permissions is:
> >  > > $ /usr/bin/chmod A=3Downer@:full_set:fd:allow,group@
> >  > > :read_set:fd:allow,everyone@:read_set:fd:allow /Data/Dir
> >  > >
> >  > > Which gives me:
> >  > > $ /usr/bin/ls -lV /Data/
> >  > > drwxr--r--+ 25 robbie =A0 staff =A0 =A0 =A0 =A0 25 Jan 14 15:34 Dir
> >  > > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 owner@:rwxpdDaARWcCos:fd----I:allow
> >  > > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 group@:r-----a-R-c--s:fd----I:allow
> >  > > =A0 =A0 =A0 =A0 =A0 =A0 =A0everyone@:r-----a-R-c--s:fd----I:allow
> >  > >
> >  > > A normal ls just shows whatever was set with /usr/gnu/bin/chmod.
> >  > >
> >  > > Generally speaking if I do /usr/bin/ls before resetting the
> permissions, I
> >  > > get something along the lines of owner@:rwxpdDaARWcCos:------I:allow,
> so
> >  > > just the fd bits not set.
> >  > >
> >  > > Logged in locally to the box things work properly. I can
> rename/move/edit
> >  > > files without issue, it's just over SMB that there's an issue.
> >  > >
> >  > > The pool was originally created under ZFS on Linux running under
> Ubuntu,
> >  > > exported from there, and imported into OI151. Most of the shares
> are also
> >  > > configured as netatalk shares for OSX clients. I have not tested to
> see if
> >  > > OSX users have issues editing files, but I don't care about if they
> can
> >  > > since none of the OSX users should be able to edit anything on the
> server.
> >  > > Windows clients are all Windows 7 and are joined to an AD Domain,
> but are
> >  > > authenticating as local users. SMB is using local account
> authentication,
> >  > > not AD Integrated.
> >  > >
> >  > > --
> >  > > Seconds to the drop, but it seems like hours.
> >  > >
> >  > > http://www.eff.org/
> >  > > <http://www.eff.org/>http://creativecommons.org/
> >  > > _______________________________________________
> >  > > OpenIndiana-discuss mailing list
> >  > > OpenIndiana-discuss at openindiana.org
> >  > > http://openindiana.org/mailman/listinfo/openindiana-discuss
> >
> > _______________________________________________
> > OpenIndiana-discuss mailing list
> > OpenIndiana-discuss at openindiana.org
> > http://openindiana.org/mailman/listinfo/openindiana-discuss
>
> _______________________________________________
> OpenIndiana-discuss mailing list
> OpenIndiana-discuss at openindiana.org
> http://openindiana.org/mailman/listinfo/openindiana-discuss
>



-- 
Seconds to the drop, but it seems like hours.

http://www.eff.org/
<http://www.eff.org/>http://creativecommons.org/

More information about the OpenIndiana-discuss mailing list