[OpenIndiana-discuss] CIFS sharing in a Windows Domain
Robbie Crash
sardonic.smiles at gmail.com
Fri Sep 14 02:23:20 UTC 2012
I had a similar problem last year that had the same solution, I wrote a
post which goes into a bit more detail about it:
https://robbiecrash.me/?p=89
On Thu, Sep 13, 2012 at 8:45 PM, Gordon Ross <gordon.w.ross at gmail.com>wrote:
> On Wed, Sep 12, 2012 at 5:29 AM, Gabriele Bulfon <gbulfon at sonicle.com>
> wrote:
> > Hi,
> > when sharing a zfs filesystem inside a domain, I usually chmod 777 the
> base filesystem,
> > then the Windows Administsrator can start creating folders and giving
> permissions.
> > Maybe there is somtehing wrong with the way I do it, but the strange
> thing is that the base share
> > results available to Everyone, they can create folder, files, and these
> get only the permissions of this
> > user and just System. So, not even the Administrator can delete this
> files.
> > If I remember well, there is no way to change the permission of the base
> share (the zfs filesystem)
> > by the Administrator, but only subfolders inside it.
> > When sharing a zfs filesystem via CIFS, I'd like this base share to have
> just permission for the
> > Administrator, so that he can only create folders / files there, and
> then give permissions to others.
> > What's wrong?
> > Gabriele.
>
> Probably what's wrong is that "chmod 777" does not enable inheritance.
> Instead, I'd recommend:
>
> chmod A=everyone@:rwxpdDaARWcCos:fd:allow /pool/fs-name
>
> which enables the file+directory inheritane bits.
> After you do that, connect with Windows and set the
> security the way you really want it to be.
>
> Also remember to set zfs aclmode and aclinherit to passthrough
> if you want ACL changes from unix to make sense to cifs clients.
>
> --
> Gordon Ross <gwr at nexenta.com>
> Nexenta Systems, Inc. www.nexenta.com
> Enterprise class storage for everyone
>
> _______________________________________________
> OpenIndiana-discuss mailing list
> OpenIndiana-discuss at openindiana.org
> http://openindiana.org/mailman/listinfo/openindiana-discuss
>
--
Seconds to the drop, but it seems like hours.
http://www.openmedia.ca
https://robbiecrash.me
More information about the OpenIndiana-discuss
mailing list