[OpenIndiana-discuss] CIFS approach to "valid users" etc.

Wed Nov 20 23:53:45 UTC 2013

On 2013-11-20 16:32, Stefan Müller-Wilken wrote:
> Hi there,
>
> I'm currently configuring CIFS on one of my boxes (Oracle 11.1 this time, but I hope that does not matter) and I'm trying port over shares from Samba. While joining the domain worked (surprisingly) flawlessly, I have a bunch of questions regarding shares:
>
> * How can I match the "valid users" parameter, e.g. "valid users = user_a, user_b"?
> * How can I set access control on a user basis, e.g. set a share read only for a group, read write for another etc.

These seem like jobs for ACLs - to filesystem objects and to the share.
I believe you can manage them from windows explorer, as long as the
Solaris server trusts you as an administrator (integration should go
as far as to allow SMF control as "windows services" and so on, not
only FS management).

On the ZFS side, share ACLs can be managed via the virtual pseudo-file
$dataset/.zfs/shares/$sharename - you just set your share's ACLs on it

 > * How can I share directories located under users on a per user
 > basis? With Samba, that's a "path = %H/export"...

I was almost sure this is automatic, but apparently not. The way to
share homedirs (invisible generally, seen only by the user himself) is:

# cat /etc/smbautohome
*       /export/home/&

Google for more in Oracle Solaris docs ;)
http://docs.oracle.com/cd/E19120-01/open.solaris/820-2429/6ne1idac2/index.html

>
> Unfortunately there is not yet too much documentation available out there...
>
> Cheers
>   Stefan
>
>
> ________________________________
> Acando GmbH, Millerntorplatz 1, 20359 Hamburg, Germany | Geschäftsführer: Guido Ahle | Amtsgericht Hamburg, HRB 76048 | Ust.Ident-Nr.:DE208833022
> _______________________________________________
> OpenIndiana-discuss mailing list
> OpenIndiana-discuss at openindiana.org
> http://openindiana.org/mailman/listinfo/openindiana-discuss
>

-- 

+============================================================+
|                                                            |
| Климов Евгений,                                 Jim Klimov |
| технический директор                                   CTO |
| ЗАО "ЦОС и ВТ"                                  JSC COS&HT |
|                                                            |
| +7-903-7705859 (cellular)          mailto:jimklimov at cos.ru |
|                        CC:admin at cos.ru,jimklimov at gmail.com |
+============================================================+
| ()  ascii ribbon campaign - against html mail              |
| /\                        - against microsoft attachments  |
+============================================================+